SlideShare a Scribd company logo

Lecture01: Introduction to Security and Privacy in Cloud Computing

R
ragibhasan

600.412.Lecture01: Introduction to Security and Privacy in Cloud Computing. Spring 2010 course at the Johns Hopkins University.

EducationTechnology
1 of 30
Security and Privacy in Cloud Computing Ragib HasanJohns Hopkins Universityen.600.412 Spring 2010 Lecture 1 01/25/2010
Welcome to the class Administrative details When? : Monday 3pm-3.50pm Where?: Shaffer 202 Web: http://www.cs.jhu.edu/~ragib/sp10/cs412 Instructor: Ragib Hasan, 324NEB, rhasan7@jhu.edu Office hours: Monday 4pm-5pm (more TBA) 1/25/2010 2 en.600.412 Spring 2010
Goals of the course Identify the cloud computing security issues Explore cloud computing security issues Learn about latest research 1/25/2010 3 en.600.412 Spring 2010
Plan Each week, we will Pick a different cloud computing security topic Discuss general issues on the topic Read one or two latest research paper on that topic 1/25/2010 4 en.600.412 Spring 2010
Evaluations Based on paper reviews Students taking the course for credit will have to submit 1 paper review per week The reviews will be short, 1 page discussion of the paper’s pros and cons (format will be posted on the class webpage) 1/25/2010 5 en.600.412 Spring 2010
What is Cloud Computing? 1/25/2010 6 en.600.412 Spring 2010 Let’s hear from the “experts”
What is Cloud Computing? 1/25/2010 en.600.412 Spring 2010 7 The infinite wisdom of the crowds (via Google Suggest)
What is Cloud Computing? 1/25/2010 en.600.412 Spring 2010 8 We’ve redefined Cloud Computing to include everything that we already do. . . . I don’t understand what we would do differently in the light of Cloud Computing other than change the wording of some of our ads. Larry Ellison, founder of Oracle
What is Cloud Computing? 1/25/2010 en.600.412 Spring 2010 9 It’s stupidity. It’s worse than stupidity: it’s a marketing hype campaign Richard Stallman GNU
What is Cloud Computing? 1/25/2010 en.600.412 Spring 2010 10 Cloud Computing will become a focal point of our work in security. I’m optimistic … Ron Rivest The R of RSA
So, What really is Cloud Computing? Cloud computing is a new computing paradigm, involving data and/or computation outsourcing, with Infinite and elastic resource scalability On demand “just-in-time” provisioning No upfront cost … pay-as-you-go 1/25/2010 en.600.412 Spring 2010 11 That is, use as much or as less you need, use only when you want, and pay only what you use,
The real story “Computing Utility” – holy grail of computer science in the 1960s. Code name: MULTICS 1/25/2010 en.600.412 Spring 2010 12 Why it failed? ,[object Object]
And personal computer became cheaper and stronger,[object Object]
The real story … continued 1/25/2010 en.600.412 Spring 2010 14 Post-dot-com bust, big companies ended up with large data centers, with low utilization Solution: Throw in virtualization technology, and sell the excess computing power And thus, Cloud Computing was born …
Cloud computing provides numerous economic advantages For clients: No upfront commitment in buying/leasing hardware Can scale usage according to demand Barriers to entry lowered for startups For providers: Increased utilization of datacenter resources 1/25/2010 en.600.412 Spring 2010 15
Cloud computing means selling “X as a service” IaaS: Infrastructure as a Service Selling virtualized hardware PaaS: Platform as a service Access to a configurable platform/API SaaS: Software as a service Software that runs on top of a cloud 1/25/2010 en.600.412 Spring 2010 16
Cloud computing architecture 1/25/2010 en.600.412 Spring 2010 17 e.g., Web browser SaaS, e.g., Google Docs PaaS, e.g., Google AppEngine IaaS, e.g., Amazon EC2
Different types of cloud computing 1/25/2010 en.600.412 Spring 2010 18 PaaS IaaS Microsoft Azure Clients can choose languages, but can’t change the operating system or runtime Amazon EC2 Clients can rent virtualized hardware, can control the software stack on the rented machines Google AppEngine Provides a programmable platform that can scale easily
So, if cloud computing is so great, why aren’t everyone doing it? 1/25/2010 en.600.412 Spring 2010 19 Clouds are still subject to traditional data confidentiality, integrity, availability, and privacy issues, plus some additional attacks
Companies are still afraidto use clouds 1/25/2010 en.600.412 Spring 2010 20 [Chow09ccsw]
Anatomy of fear … Confidentiality Will the sensitive data stored on a cloud remain confidential? Will cloud compromises leak confidential client data (i.e., fear of loss of control over data) Will the cloud provider itself be honest and won’t peek into the data? 1/25/2010 en.600.412 Spring 2010 21
Anatomy of fear … Integrity How do I know that the cloud provider is doing the computations correctly? How do I ensure that the cloud provider really stored my data without tampering with it? 1/25/2010 en.600.412 Spring 2010 22
Anatomy of fear … Availability Will critical systems go down at the client, if the provider is attacked in a Denial of Service attack? What happens if cloud provider goes out of business? 1/25/2010 en.600.412 Spring 2010 23
Anatomy of fear … Privacy issues raised via massive data mining Cloud now stores data from a lot of clients, and can run data mining algorithms to get large amounts of information on clients 1/25/2010 en.600.412 Spring 2010 24
Anatomy of fear … Increased attack surface Entity outside the organization now stores and computes data, and so Attackers can now target the communication link between cloud provider and client Cloud provider employees can be phished 1/25/2010 en.600.412 Spring 2010 25
Anatomy of fear … Auditability and forensics Difficult to audit data held outside organization in a cloud Forensics also made difficult since now clients don’t maintain data locally 1/25/2010 en.600.412 Spring 2010 26
Anatomy of fear … Legal quagmire and transitive trust issues Who is responsible for complying with regulations (e.g., SOX, HIPAA, GLBA)? If cloud provider subcontracts to third party clouds, will the data still be secure? 1/25/2010 en.600.412 Spring 2010 27
What we need is to … Adapt well known techniques for resolving some cloud security issues Perform new research and innovate to make clouds secure 1/25/2010 en.600.412 Spring 2010 28
Final quote 1/25/2010 en.600.412 Spring 2010 29 [Cloud Computing] is a security nightmare and it can't be handled in traditional ways. John Chambers CISCO CEO
1/25/2010 30 en.600.412 Spring 2010 Further Reading Armbrust et al., Above the Clouds: A Berkeley View of Cloud Computing, UC Berkeley Tech Report UCB/EECS-2009-28, February 2009. Chow et al., Cloud Computing: Outsourcing Computation without Outsourcing Control, 1st ACM Cloud Computing Security Workshop, November 2009.

Recommended

Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingAvinash Saklani
 
Cloud computing presentation
Cloud computing presentationCloud computing presentation
Cloud computing presentationMuhammad Usama Zuberi
 
Cloud computing
Cloud computing Cloud computing
Cloud computing hari krishnan.n
 
Cloud computing
Cloud computingCloud computing
Cloud computingpgayatrinaidu
 
Cloud computing
Cloud computingCloud computing
Cloud computingSiddiq Abu Bakkar
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computingPrince Chandu
 
Cloud computing
Cloud computingCloud computing
Cloud computingSreehari820
 
Cloud computing
Cloud computingCloud computing
Cloud computingMOHIT PANDEY
 

Recommended

Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingAvinash Saklani
 
Cloud computing presentation
Cloud computing presentationCloud computing presentation
Cloud computing presentationMuhammad Usama Zuberi
 
Cloud computing
Cloud computing Cloud computing
Cloud computing hari krishnan.n
 
Cloud computing
Cloud computingCloud computing
Cloud computingpgayatrinaidu
 
Cloud computing
Cloud computingCloud computing
Cloud computingSiddiq Abu Bakkar
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computingPrince Chandu
 
Cloud computing
Cloud computingCloud computing
Cloud computingSreehari820
 
Cloud computing
Cloud computingCloud computing
Cloud computingMOHIT PANDEY
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingNaveed Farooq
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Cloud computing
Cloud computingCloud computing
Cloud computingWaseem Ahmed
 
Cloud computing seminar
Cloud computing seminarCloud computing seminar
Cloud computing seminarANKIT KUMAR
 
Cloud computing understanding security risk and management
Cloud computing understanding security risk and managementCloud computing understanding security risk and management
Cloud computing understanding security risk and managementShamsundar Machale (CISSP, CEH)
 
Cloud Computing For Beginners | Cloud Computing Explained | Cloud Computing T...
Cloud Computing For Beginners | Cloud Computing Explained | Cloud Computing T...Cloud Computing For Beginners | Cloud Computing Explained | Cloud Computing T...
Cloud Computing For Beginners | Cloud Computing Explained | Cloud Computing T...Simplilearn
 
Cloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksCloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksWilliam McBorrough
 
Cloud computing
Cloud computingCloud computing
Cloud computingShiva Prasad
 
PRESENTATION ON CLOUD COMPUTING
PRESENTATION ON CLOUD COMPUTINGPRESENTATION ON CLOUD COMPUTING
PRESENTATION ON CLOUD COMPUTINGvipluv mittal
 
Cloud deployment models
Cloud deployment modelsCloud deployment models
Cloud deployment modelsAshok Kumar
 
basic concept of Cloud computing and its architecture
basic concept of Cloud computing and its architecturebasic concept of Cloud computing and its architecture
basic concept of Cloud computing and its architectureMohammad Ilyas Malik
 
Unit-I: Introduction to Cloud Computing
Unit-I: Introduction to Cloud ComputingUnit-I: Introduction to Cloud Computing
Unit-I: Introduction to Cloud ComputingDivya S
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing pptSarvesh Meena
 
Cloud interoperability
Cloud interoperabilityCloud interoperability
Cloud interoperabilitygaurav jain
 
The seminar report on cloud computing
The seminar report on cloud computingThe seminar report on cloud computing
The seminar report on cloud computingDivyesh Shah
 
Cloud computing
Cloud computingCloud computing
Cloud computingحيدر نافع nafaa
 
Top 10 cloud service providers
Top 10 cloud service providersTop 10 cloud service providers
Top 10 cloud service providersVineet Garg
 
Cloud computing
Cloud computingCloud computing
Cloud computingAditya Dwivedi
 
Cloud computing
Cloud computingCloud computing
Cloud computingDebrajKarmakar
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing pptAmex Ka
 
Security & Privacy In Cloud Computing
Security & Privacy In Cloud ComputingSecurity & Privacy In Cloud Computing
Security & Privacy In Cloud Computingsaurabh soni
 
Security & Privacy in Cloud Computing
Security & Privacy in Cloud ComputingSecurity & Privacy in Cloud Computing
Security & Privacy in Cloud ComputingJohn D. Johnson
 

More Related Content

What's hot

Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Cloud computing seminar
Cloud computing seminarCloud computing seminar
Cloud computing seminarANKIT KUMAR
 
Cloud computing understanding security risk and management
Cloud computing understanding security risk and managementCloud computing understanding security risk and management
Cloud computing understanding security risk and managementShamsundar Machale (CISSP, CEH)
 
Cloud Computing For Beginners | Cloud Computing Explained | Cloud Computing T...
Cloud Computing For Beginners | Cloud Computing Explained | Cloud Computing T...Cloud Computing For Beginners | Cloud Computing Explained | Cloud Computing T...
Cloud Computing For Beginners | Cloud Computing Explained | Cloud Computing T...Simplilearn
 
Cloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksCloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksWilliam McBorrough
 
PRESENTATION ON CLOUD COMPUTING
PRESENTATION ON CLOUD COMPUTINGPRESENTATION ON CLOUD COMPUTING
PRESENTATION ON CLOUD COMPUTINGvipluv mittal
 
Cloud deployment models
Cloud deployment modelsCloud deployment models
Cloud deployment modelsAshok Kumar
 
basic concept of Cloud computing and its architecture
basic concept of Cloud computing and its architecturebasic concept of Cloud computing and its architecture
basic concept of Cloud computing and its architectureMohammad Ilyas Malik
 
Unit-I: Introduction to Cloud Computing
Unit-I: Introduction to Cloud ComputingUnit-I: Introduction to Cloud Computing
Unit-I: Introduction to Cloud ComputingDivya S
 
Cloud interoperability
Cloud interoperabilityCloud interoperability
Cloud interoperabilitygaurav jain
 
The seminar report on cloud computing
The seminar report on cloud computingThe seminar report on cloud computing
The seminar report on cloud computingDivyesh Shah
 
Top 10 cloud service providers
Top 10 cloud service providersTop 10 cloud service providers
Top 10 cloud service providersVineet Garg
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing pptAmex Ka
 

What's hot (20)

Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud computing seminar
Cloud computing seminarCloud computing seminar
Cloud computing seminar
 
Cloud computing understanding security risk and management
Cloud computing understanding security risk and managementCloud computing understanding security risk and management
Cloud computing understanding security risk and management
 
Cloud Computing For Beginners | Cloud Computing Explained | Cloud Computing T...
Cloud Computing For Beginners | Cloud Computing Explained | Cloud Computing T...Cloud Computing For Beginners | Cloud Computing Explained | Cloud Computing T...
Cloud Computing For Beginners | Cloud Computing Explained | Cloud Computing T...
 
Cloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksCloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and Risks
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
PRESENTATION ON CLOUD COMPUTING
PRESENTATION ON CLOUD COMPUTINGPRESENTATION ON CLOUD COMPUTING
PRESENTATION ON CLOUD COMPUTING
 
Cloud deployment models
Cloud deployment modelsCloud deployment models
Cloud deployment models
 
basic concept of Cloud computing and its architecture
basic concept of Cloud computing and its architecturebasic concept of Cloud computing and its architecture
basic concept of Cloud computing and its architecture
 
Unit-I: Introduction to Cloud Computing
Unit-I: Introduction to Cloud ComputingUnit-I: Introduction to Cloud Computing
Unit-I: Introduction to Cloud Computing
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing ppt
 
Cloud interoperability
Cloud interoperabilityCloud interoperability
Cloud interoperability
 
The seminar report on cloud computing
The seminar report on cloud computingThe seminar report on cloud computing
The seminar report on cloud computing
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Top 10 cloud service providers
Top 10 cloud service providersTop 10 cloud service providers
Top 10 cloud service providers
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing ppt
 

Viewers also liked

Security & Privacy In Cloud Computing
Security & Privacy In Cloud ComputingSecurity & Privacy In Cloud Computing
Security & Privacy In Cloud Computingsaurabh soni
 
Security & Privacy in Cloud Computing
Security & Privacy in Cloud ComputingSecurity & Privacy in Cloud Computing
Security & Privacy in Cloud ComputingJohn D. Johnson
 
Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...PRISMACLOUD Project
 
The Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud ComputingThe Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud ComputingAnkit Singh
 
Security and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewSecurity and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewragibhasan
 
Cloud Security And Privacy
Cloud Security And PrivacyCloud Security And Privacy
Cloud Security And Privacytmather
 
The Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD WorldThe Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD Worldmkeane
 
Where is my big data: security, privacy and jurisdictions in the cloud
Where is my big data: security, privacy and jurisdictions in the cloudWhere is my big data: security, privacy and jurisdictions in the cloud
Where is my big data: security, privacy and jurisdictions in the cloudChris Swan
 
Cloud Computing : Top to Bottom
Cloud Computing : Top to BottomCloud Computing : Top to Bottom
Cloud Computing : Top to BottomIstiyak Siddiquee
 
C-SEC|2016 Session 3 How to pass and get certify on the new cyber/cloud secur...
C-SEC|2016 Session 3 How to pass and get certify on the new cyber/cloud secur...C-SEC|2016 Session 3 How to pass and get certify on the new cyber/cloud secur...
C-SEC|2016 Session 3 How to pass and get certify on the new cyber/cloud secur...acinfotec
 
Privacy in cloud computing
Privacy in cloud computingPrivacy in cloud computing
Privacy in cloud computingAhmed Nour
 
Addictive manufacturing
Addictive manufacturingAddictive manufacturing
Addictive manufacturingRudi Pivetta
 
Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Druva
 
TẦM QUAN TRỌNG CỦA SOCIAL MEDIA MARKETING
TẦM QUAN TRỌNG CỦA SOCIAL MEDIA MARKETINGTẦM QUAN TRỌNG CỦA SOCIAL MEDIA MARKETING
TẦM QUAN TRỌNG CỦA SOCIAL MEDIA MARKETINGInternetMarketing_hn
 
Sheffield Hallam Degree
Sheffield Hallam DegreeSheffield Hallam Degree
Sheffield Hallam DegreeTong Chong Yee
 
About gate entrance exam 2016
About gate entrance exam 2016About gate entrance exam 2016
About gate entrance exam 2016meghasingh812
 
mcjunkin_studies-compendium_web
mcjunkin_studies-compendium_webmcjunkin_studies-compendium_web
mcjunkin_studies-compendium_webJonathon McJunkin
 

Viewers also liked (20)

Security & Privacy In Cloud Computing
Security & Privacy In Cloud ComputingSecurity & Privacy In Cloud Computing
Security & Privacy In Cloud Computing
 
Security & Privacy in Cloud Computing
Security & Privacy in Cloud ComputingSecurity & Privacy in Cloud Computing
Security & Privacy in Cloud Computing
 
Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...
 
The Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud ComputingThe Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud Computing
 
Security and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewSecurity and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level view
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
 
Cloud Security And Privacy
Cloud Security And PrivacyCloud Security And Privacy
Cloud Security And Privacy
 
The Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD WorldThe Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD World
 
Where is my big data: security, privacy and jurisdictions in the cloud
Where is my big data: security, privacy and jurisdictions in the cloudWhere is my big data: security, privacy and jurisdictions in the cloud
Where is my big data: security, privacy and jurisdictions in the cloud
 
Cloud Computing : Top to Bottom
Cloud Computing : Top to BottomCloud Computing : Top to Bottom
Cloud Computing : Top to Bottom
 
C-SEC|2016 Session 3 How to pass and get certify on the new cyber/cloud secur...
C-SEC|2016 Session 3 How to pass and get certify on the new cyber/cloud secur...C-SEC|2016 Session 3 How to pass and get certify on the new cyber/cloud secur...
C-SEC|2016 Session 3 How to pass and get certify on the new cyber/cloud secur...
 
Privacy in cloud computing
Privacy in cloud computingPrivacy in cloud computing
Privacy in cloud computing
 
Addictive manufacturing
Addictive manufacturingAddictive manufacturing
Addictive manufacturing
 
Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)
 
TẦM QUAN TRỌNG CỦA SOCIAL MEDIA MARKETING
TẦM QUAN TRỌNG CỦA SOCIAL MEDIA MARKETINGTẦM QUAN TRỌNG CỦA SOCIAL MEDIA MARKETING
TẦM QUAN TRỌNG CỦA SOCIAL MEDIA MARKETING
 
D004 nuovo-obbligo-formativo
D004 nuovo-obbligo-formativoD004 nuovo-obbligo-formativo
D004 nuovo-obbligo-formativo
 
Sheffield Hallam Degree
Sheffield Hallam DegreeSheffield Hallam Degree
Sheffield Hallam Degree
 
About gate entrance exam 2016
About gate entrance exam 2016About gate entrance exam 2016
About gate entrance exam 2016
 
mcjunkin_studies-compendium_web
mcjunkin_studies-compendium_webmcjunkin_studies-compendium_web
mcjunkin_studies-compendium_web
 
Fondo Professioni per Argi
Fondo Professioni per ArgiFondo Professioni per Argi
Fondo Professioni per Argi
 

Similar to Lecture01: Introduction to Security and Privacy in Cloud Computing

Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Securitysyrinxtech
 
Above the Clouds: A View From Academia
Above the Clouds: A View From AcademiaAbove the Clouds: A View From Academia
Above the Clouds: A View From AcademiaEduserv
 
The Security Of Cloud Computing
The Security Of Cloud ComputingThe Security Of Cloud Computing
The Security Of Cloud ComputingJulie May
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCSCJournals
 
云计算及其应用
云计算及其应用云计算及其应用
云计算及其应用lantianlcdx
 
An efficient and secure data storage in cloud computing using modified RSA pu...
An efficient and secure data storage in cloud computing using modified RSA pu...An efficient and secure data storage in cloud computing using modified RSA pu...
An efficient and secure data storage in cloud computing using modified RSA pu...IJECEIAES
 
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...AJASTJournal
 
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...Associate Professor in VSB Coimbatore
 
Research proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.comResearch proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.comPhD Assistance
 
Paper id 21201458
Paper id 21201458Paper id 21201458
Paper id 21201458IJRAT
 
A Systematic Literature Review On Cloud Computing Security Threats And Mitig...
A Systematic Literature Review On Cloud Computing Security Threats And Mitig...A Systematic Literature Review On Cloud Computing Security Threats And Mitig...
A Systematic Literature Review On Cloud Computing Security Threats And Mitig...Claire Webber
 

Similar to Lecture01: Introduction to Security and Privacy in Cloud Computing (20)

Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Ppt On Cc
Ppt On CcPpt On Cc
Ppt On Cc
 
Above the Clouds: A View From Academia
Above the Clouds: A View From AcademiaAbove the Clouds: A View From Academia
Above the Clouds: A View From Academia
 
The Security Of Cloud Computing
The Security Of Cloud ComputingThe Security Of Cloud Computing
The Security Of Cloud Computing
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and Challenges
 
云计算及其应用
云计算及其应用云计算及其应用
云计算及其应用
 
An efficient and secure data storage in cloud computing using modified RSA pu...
An efficient and secure data storage in cloud computing using modified RSA pu...An efficient and secure data storage in cloud computing using modified RSA pu...
An efficient and secure data storage in cloud computing using modified RSA pu...
 
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...
 
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...
 
Slides 530 a2
Slides 530 a2Slides 530 a2
Slides 530 a2
 
Research proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.comResearch proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.com
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Ad4502189193
Ad4502189193Ad4502189193
Ad4502189193
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Paper id 21201458
Paper id 21201458Paper id 21201458
Paper id 21201458
 
cloud
cloudcloud
cloud
 
Cloud security
Cloud security Cloud security
Cloud security
 
Handout1o
Handout1oHandout1o
Handout1o
 
A Systematic Literature Review On Cloud Computing Security Threats And Mitig...
A Systematic Literature Review On Cloud Computing Security Threats And Mitig...A Systematic Literature Review On Cloud Computing Security Threats And Mitig...
A Systematic Literature Review On Cloud Computing Security Threats And Mitig...
 
Cloud Computing Essay
Cloud Computing EssayCloud Computing Essay
Cloud Computing Essay
 

More from ragibhasan

Dw bobs-shikkhok
Dw bobs-shikkhokDw bobs-shikkhok
Dw bobs-shikkhokragibhasan
 
600.412.Lecture02
600.412.Lecture02600.412.Lecture02
600.412.Lecture02ragibhasan
 
600.412.Lecture03
600.412.Lecture03600.412.Lecture03
600.412.Lecture03ragibhasan
 
600.412.Lecture05
600.412.Lecture05600.412.Lecture05
600.412.Lecture05ragibhasan
 
600.412.Lecture07
600.412.Lecture07600.412.Lecture07
600.412.Lecture07ragibhasan
 
600.412.Lecture06
600.412.Lecture06600.412.Lecture06
600.412.Lecture06ragibhasan
 
600.412.Lecture08
600.412.Lecture08600.412.Lecture08
600.412.Lecture08ragibhasan
 
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...ragibhasan
 

More from ragibhasan (8)

Dw bobs-shikkhok
Dw bobs-shikkhokDw bobs-shikkhok
Dw bobs-shikkhok
 
600.412.Lecture02
600.412.Lecture02600.412.Lecture02
600.412.Lecture02
 
600.412.Lecture03
600.412.Lecture03600.412.Lecture03
600.412.Lecture03
 
600.412.Lecture05
600.412.Lecture05600.412.Lecture05
600.412.Lecture05
 
600.412.Lecture07
600.412.Lecture07600.412.Lecture07
600.412.Lecture07
 
600.412.Lecture06
600.412.Lecture06600.412.Lecture06
600.412.Lecture06
 
600.412.Lecture08
600.412.Lecture08600.412.Lecture08
600.412.Lecture08
 
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
 

Recently uploaded

COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxannathomasp01
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...ZurliaSoop
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfDr Vijay Vishwakarma
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsKarakKing
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and ModificationsMJDuyan
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.MaryamAhmad92
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxDr. Ravikiran H M Gowda
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - Englishneillewis46
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jisc
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...pradhanghanshyam7136
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfNirmal Dwivedi
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024Elizabeth Walsh
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentationcamerronhm
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomPooky Knightsmith
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxmarlenawright1
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxPooja Bhuva
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 

Recently uploaded (20)

COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptx
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 

Lecture01: Introduction to Security and Privacy in Cloud Computing

  • 1. Security and Privacy in Cloud Computing Ragib HasanJohns Hopkins Universityen.600.412 Spring 2010 Lecture 1 01/25/2010
  • 2. Welcome to the class Administrative details When? : Monday 3pm-3.50pm Where?: Shaffer 202 Web: http://www.cs.jhu.edu/~ragib/sp10/cs412 Instructor: Ragib Hasan, 324NEB, rhasan7@jhu.edu Office hours: Monday 4pm-5pm (more TBA) 1/25/2010 2 en.600.412 Spring 2010
  • 3. Goals of the course Identify the cloud computing security issues Explore cloud computing security issues Learn about latest research 1/25/2010 3 en.600.412 Spring 2010
  • 4. Plan Each week, we will Pick a different cloud computing security topic Discuss general issues on the topic Read one or two latest research paper on that topic 1/25/2010 4 en.600.412 Spring 2010
  • 5. Evaluations Based on paper reviews Students taking the course for credit will have to submit 1 paper review per week The reviews will be short, 1 page discussion of the paper’s pros and cons (format will be posted on the class webpage) 1/25/2010 5 en.600.412 Spring 2010
  • 6. What is Cloud Computing? 1/25/2010 6 en.600.412 Spring 2010 Let’s hear from the “experts”
  • 7. What is Cloud Computing? 1/25/2010 en.600.412 Spring 2010 7 The infinite wisdom of the crowds (via Google Suggest)
  • 8. What is Cloud Computing? 1/25/2010 en.600.412 Spring 2010 8 We’ve redefined Cloud Computing to include everything that we already do. . . . I don’t understand what we would do differently in the light of Cloud Computing other than change the wording of some of our ads. Larry Ellison, founder of Oracle
  • 9. What is Cloud Computing? 1/25/2010 en.600.412 Spring 2010 9 It’s stupidity. It’s worse than stupidity: it’s a marketing hype campaign Richard Stallman GNU
  • 10. What is Cloud Computing? 1/25/2010 en.600.412 Spring 2010 10 Cloud Computing will become a focal point of our work in security. I’m optimistic … Ron Rivest The R of RSA
  • 11. So, What really is Cloud Computing? Cloud computing is a new computing paradigm, involving data and/or computation outsourcing, with Infinite and elastic resource scalability On demand “just-in-time” provisioning No upfront cost … pay-as-you-go 1/25/2010 en.600.412 Spring 2010 11 That is, use as much or as less you need, use only when you want, and pay only what you use,
  • 12.
  • 13.
  • 14. The real story … continued 1/25/2010 en.600.412 Spring 2010 14 Post-dot-com bust, big companies ended up with large data centers, with low utilization Solution: Throw in virtualization technology, and sell the excess computing power And thus, Cloud Computing was born …
  • 15. Cloud computing provides numerous economic advantages For clients: No upfront commitment in buying/leasing hardware Can scale usage according to demand Barriers to entry lowered for startups For providers: Increased utilization of datacenter resources 1/25/2010 en.600.412 Spring 2010 15
  • 16. Cloud computing means selling “X as a service” IaaS: Infrastructure as a Service Selling virtualized hardware PaaS: Platform as a service Access to a configurable platform/API SaaS: Software as a service Software that runs on top of a cloud 1/25/2010 en.600.412 Spring 2010 16
  • 17. Cloud computing architecture 1/25/2010 en.600.412 Spring 2010 17 e.g., Web browser SaaS, e.g., Google Docs PaaS, e.g., Google AppEngine IaaS, e.g., Amazon EC2
  • 18. Different types of cloud computing 1/25/2010 en.600.412 Spring 2010 18 PaaS IaaS Microsoft Azure Clients can choose languages, but can’t change the operating system or runtime Amazon EC2 Clients can rent virtualized hardware, can control the software stack on the rented machines Google AppEngine Provides a programmable platform that can scale easily
  • 19. So, if cloud computing is so great, why aren’t everyone doing it? 1/25/2010 en.600.412 Spring 2010 19 Clouds are still subject to traditional data confidentiality, integrity, availability, and privacy issues, plus some additional attacks
  • 20. Companies are still afraidto use clouds 1/25/2010 en.600.412 Spring 2010 20 [Chow09ccsw]
  • 21. Anatomy of fear … Confidentiality Will the sensitive data stored on a cloud remain confidential? Will cloud compromises leak confidential client data (i.e., fear of loss of control over data) Will the cloud provider itself be honest and won’t peek into the data? 1/25/2010 en.600.412 Spring 2010 21
  • 22. Anatomy of fear … Integrity How do I know that the cloud provider is doing the computations correctly? How do I ensure that the cloud provider really stored my data without tampering with it? 1/25/2010 en.600.412 Spring 2010 22
  • 23. Anatomy of fear … Availability Will critical systems go down at the client, if the provider is attacked in a Denial of Service attack? What happens if cloud provider goes out of business? 1/25/2010 en.600.412 Spring 2010 23
  • 24. Anatomy of fear … Privacy issues raised via massive data mining Cloud now stores data from a lot of clients, and can run data mining algorithms to get large amounts of information on clients 1/25/2010 en.600.412 Spring 2010 24
  • 25. Anatomy of fear … Increased attack surface Entity outside the organization now stores and computes data, and so Attackers can now target the communication link between cloud provider and client Cloud provider employees can be phished 1/25/2010 en.600.412 Spring 2010 25
  • 26. Anatomy of fear … Auditability and forensics Difficult to audit data held outside organization in a cloud Forensics also made difficult since now clients don’t maintain data locally 1/25/2010 en.600.412 Spring 2010 26
  • 27. Anatomy of fear … Legal quagmire and transitive trust issues Who is responsible for complying with regulations (e.g., SOX, HIPAA, GLBA)? If cloud provider subcontracts to third party clouds, will the data still be secure? 1/25/2010 en.600.412 Spring 2010 27
  • 28. What we need is to … Adapt well known techniques for resolving some cloud security issues Perform new research and innovate to make clouds secure 1/25/2010 en.600.412 Spring 2010 28
  • 29. Final quote 1/25/2010 en.600.412 Spring 2010 29 [Cloud Computing] is a security nightmare and it can't be handled in traditional ways. John Chambers CISCO CEO
  • 30. 1/25/2010 30 en.600.412 Spring 2010 Further Reading Armbrust et al., Above the Clouds: A Berkeley View of Cloud Computing, UC Berkeley Tech Report UCB/EECS-2009-28, February 2009. Chow et al., Cloud Computing: Outsourcing Computation without Outsourcing Control, 1st ACM Cloud Computing Security Workshop, November 2009.