1. Security-Oriented Cloud Computing
Platform for
Critical Infrastructures
Name: MOHAMMED SAQIB
USN: 1GA10IS021
Sub Code:10IS86
Under the guidance of
Ms. RESMA K.S
Dept. Of ISE
GAT
1
2. Content
Abstract
Introduction
Problem statement
Dataflow diagram
Methodology
Case study
Conclusion
References
Dept. Of ISE
GAT
2
3. Abstract
The rise of virtualization and cloud computing is one of the
most significant features of computing in the last 10 years.
There are still a number of technical barriers that prevent it
from becoming the truly ubiquitous service it has the potential
to be.
There are the issues of data security and the lack of trust that
users have in relying on cloud services.
Working to reinforce the integrity and security of cloud
services and it is applied to Critical Infrastructures to identify
the core requirements, components and features.
Dept. of ISE
GAT
3
4. INTRODUCTION
Cloud computing is a concepts that involve a large number of
computers
connected
through
a
real-time
communication network such as the Internet.
In Cloud computing it is possible to run a program or application on
many connected computers at the same time.
It offers processing and storing resources as an on-demand service
and on a highly scalable basis.
Many companies including Google and Microsoft are now offering
public cloud services while Enterprises are looking to deploy private
cloud infrastructures based on this model.
Dept. Of ISE
GAT
4
5. INTRODUCTION
As an overview, this topic amalgamates Cloud Computing,
Security and Critical Infrastructures by applying the principles
of the each of these to the others in an attempt to protect
assets deployed in the cloud.
Dept. Of ISE
GAT
5
6. PROBLEM STATEMENT
Major aspect to be considered for migrating to the cloud:
Security: while some cloud computing security issues are inherited
from the solutions adopted to create such services, many new security
questions that are particular to these solutions also arise, including
how the data is organized in critical infrastructures and what kind of
data can be placed in the cloud.
For a better understanding of this complex scenario, identify the main
security issues in cloud computing for critical infrastructure, giving an
overview of the current status of security in this emerging technology.
Dept. Of ISE
GAT
6
8. METHODOLOGY
Trusted Computing for
Critical Infrastructures.
Security Issues in
Cloud.
How Clouds can be
secured?
An Integrated approach
to Secure Clouds.
Dept. Of ISE
GAT
8
9. Trusted computing platforms:
A field of computing whereby a device behaves in a consistent,
predictable manner through cryptography and authentication
techniques.
Key concepts:
• Endorsement keys
• Secure input / output.
• Remote attestation.
Critical Infrastructures:
CIs are services which are serious/sensitive that cause massive
disruption to dependent system if compromised or destroyed.
Services provided:
• Energy distribution.
• Emergency services.
• Security services.
• Public utilities.
Dept. Of ISE
GAT
9
10. Critical Infrastructures usually can be protected by the following
Features
activities:
Of
Analysis and assessment.
CI
Protection. and Warning.
Indication
Mitigation, Reconstitution.
Trusted Cloud Computing
Trusted cloud elements in cloud computing :
Protects the underlying infrastructures like:
a. Datacenters.
b. Interconnection networks.
Data can be protected by Watermarking and Deployment of
encryption methods.
Dept. Of ISE
GAT
10
11. Data Security in Cloud Platforms
CLOUD DATA SECURITY:
Traditionally achieved using :
Encryption.
DES or AES.
Attackers gain access to data by compromising shared
resources.
Integrity of the data.
Other issues in data security:
1. Authentication, Authorization, Accounting and User Control.
2. Robustness.
Dept. Of ISE
GAT
11
12. Securing the Cloud Network
Why is securing network connectivity vital?
The Critical Infrastructure in Cloud computing requires
that, not only must the connection be made secure from attack
but special care must be taken to prevent connection failures
where reliable, consistent access to resources is mission
critical.
We can secure cloud by employing:
i. Network security approaches.
ii. Network data encryption.
Dept. Of ISE
GAT
12
13. Network security approaches
Implement firewalls.
Monitoring and other mechanisms to provide sufficient level of
security.
Implementing the Intrusion Prevention Systems(IPS).
Dept. Of ISE
GAT
13
14. .
Network Data Encryption
This employs the following:
a) Transport Level Security(TLS)
b) IPSec
c) Secure shell protocol (SSH)
Dept. Of ISE
GAT
14
15. An Integrated Approach to Secure Clouds
As an approach to secure clouds we identify the CI threats and their
requirements.
Critical Infrastructure threats
Hacking Attacks
DoS attacks
End to End Issues
Data Loss or Corruption
Equipment Failures
Critical Infrastructure requirements
Scalability
Secure infrastructure
Minimal cost
High assurance
Dept. Of ISE
GAT
15
16. CASE STUDY
A PARKINSON DISEASE iPAD APP
The iPad application (app) that allowed patients with Parkinson Disease to
perform several tests which provide diagnostic information and allow the test
results to be shared with a neurologist, hence facilitating management of the
disease.
The major benefit is that patient does not need to travel to see their
neurologist to perform the tests.
By conforming to Apple’s Human Interface Guidelines, it was expected that
this requirement could be met, provided that the cloud services could be
implemented for an iPad.
The basic requirements were to provide an app that allows a patient to
perform two diagnostic tests, those tests can be saved and stored locally, to
provide summary statistics and relevant graphical feedback to a patient so that
he may track his progress and allow the sharing of patient data between one or
more parties in a seamless and transparent way.
Dept. Of ISE
GAT
18
17. CASE STUDY
Figure 1: Sample Test from the Parkinson Disease
Tester App.
Dept. Of
GAT
17
18. Case study
Figure 2: Sample Output from the Parkinson Disease
Tester App
Dept. Of ISE
GAT
18
19. CONCLUSION
It’s important that cloud platforms need to be demonstrably
secure in order to drive the adoption of cloud services among
Critical Infrastructure providers.
These include mechanisms to secure the cloud services, end
to end networking interconnecting the users and the cloud
infrastructure by itself.
A recent trend in this area is to employ powerful, latest
techniques such as trusted computing and resilient
networking in order to increase the security and increase the
demanding customer base of Cloud Computing.
Dept. Of ISE
GAT
21
20. REFERENCES
[1] Security Oriented Cloud Computing Platform For Critical Infrastructure-T.
Baker , A. Al-Yasiri , M. Mackay
[2]. Brian Hay, Kara Nance, Matt Bishop, Storm Clouds Rising: Security
Challenges for IaaS Cloud Computing Proceedings of the 44th Hawaii
International Conference on System-Sciences 2011.
[3]. John C. Mace, Aad van Moorsel, Paul Watson, The Case for Dynamic
Security Solutions in Public Cloud Workflow Deployments School of
Computing Science & Centre for Cybercrime and Computer Security (CCCS)
Newcastle University, Newcastle upon Tyne, NE1 7RU, UK.
[4 ]. CLOUD SECURITY: A CASE STUDY IN TELEMEDICINE ,Michael N.
Johnstone School of Computer and Security Science and ECU Security Research
Institute Edith Cowan University, Perth, Western Australia
m.johnstone@ecu.edu.au.
Dept. Of ISE
GAT
20