Upload
wso2
View
609
Download
1
Tags:
Embed Size (px)
Citation preview
Last Updated: Nov 2014
Prabath Siriwardena Isura Karunaratne
Security in the Cloud
*
Virtualiza:on
Virtualiza:on
Service Oriented Architecture
Grid Compu:ng
Infrastructure
• Hypervisor • Management So3ware • Deployment So3ware • Network • Server • Storage •KDC, Kerberos support
• Cassandra (experimental)
• Extensible: IS can be configured to leverage any user store, extending exisGng user stores or implemenGng from scratch
Deployment Models • Private Cloud Model
-‐ Enterprise owned or leased • Public Cloud Model
-‐ Accessible to general public • Hybrid Cloud Model
-‐ Composi6on of private and public cloud • Community Cloud Model
-‐ Shared infrastructure for specific community
Cloud Service Models
• SaaS • PaaS • IaaS •KDC, Kerberos support
• Cassandra (experimental)
• Extensible: IS can be configured to leverage any user store, extending exisGng user stores or implemenGng from scratch
Service Delivery by Provider
Service Delivery by Provider
Service Delivery by Provider
Service Delivery by Provider
Service Delivery by Provider
Service Delivery by Deployment
Service Delivery by Deployment
Cloud Under AFack
AFacks from the Cloud
Weakest Link
Mul:-‐tenancy
Mul:-‐tenancy within an Organiza:on
Mul:-‐tenancy
Data Isola:on – Separated DBs
Data Isola:on Shared DB/Separate Schema
Data Isola:on Shared DB/Shared Schema
Data Access PaFerns
Data Access PaFerns
Data Access PaFerns
Data Access PaFerns
Data Access PaFerns
Data Security
Data Security
Homomorphic Encryp:on
Cloud Security Requirements
Top Threats to Cloud Compu:ng • Data Breaches • Data Loss • Account Hijacking • Insecure APIs • DoS • Malicious Insiders • Abuse of Cloud Service • Insufficient Due Diligence • Shared Technology Issues
Contact us !