Chapter 22: Cloud Computing and Related Security Issues



Guide to Computer Network Security


Introduction

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources like networks, servers, storage, applications and services that can be rapidly provisioned and released with minimal management effort or service provider interaction.

This computing model, as shown in Figure 22.1, is composed of a number of essential characteristics, three service models, and four deployment models.

Kizza - Guide to Computer Network Security


Cloud Computing Infrastructure Characteristics

Traditionally, data center computing models were mainly based on a client-server architecture and design, relying firmly on a three-tier architecture that included access, distribution and core switches connecting relatively few clients and meeting limited client needs.

Today’s cloud service models are bursting with activities and services with distinctly new characteristics: they are now on demand and elastic, and the service is fully managed by the provider.

Let us now briefly look at each one of these characteristics:
– Ubiquitous network access
– Measured service
– On-demand self-service
– Rapid elasticity
– Resource pooling


Cloud Computing Service Models

Cloud Infrastructure as a Service (IaaS) – a process of providing the customer with the ability and capability to manage and control system resources via a web-based virtual server instance API, including starting, stopping, accessing and configuring the virtual servers, operating systems, applications, storage, processing and other fundamental computing resources.

Platform as a Service (PaaS) – a set of software and product development tools hosted on the provider's infrastructure and accessible to the customer via a web-based virtual server instance API. Through this instance, the customer can create applications on the provider's platform over the Internet.

Software as a Service (SaaS) – a process of acquiring software with no upfront license fee. All software applications are retained by the provider, and the customer has access to all applications of choice from the provider via various client devices through either a thin client interface, such as a web browser, a web portal or a virtual server instance API.


Cloud Computing Deployment Models

There are three cloud deployment models, which are actually cloud types:

– Public clouds – provide access to computing resources for the general public over the Internet, allowing customers to self-provision resources, typically via a web service interface, on a pay-as-you-go basis. One of the benefits of public clouds is that they offer large pools of scalable resources on a temporary basis without the need for capital investment in infrastructure by the user.

– Private cloud – gives users immediate access to computing resources hosted within an organization's infrastructure and premises.

– Hybrid cloud – combines the computing resources of both the public and private clouds.


Virtualization and Cloud Computing

Virtualization is a fundamental feature in cloud computing. Virtualization allows applications from different customers to run on different virtual machines, hence providing separation and protection.


Benefits of Cloud Computing

– Automatic Updates
– Reduced Cost
– Green Benefits of Cloud Computing
– Remote Access
– Disaster Relief
– Self-service Provisioning
– Scalability
– Reliability and Fault-tolerance
– Ease of Use
– Skills and Proficiency
– Response Time
– Mobility
– Increased Storage


Cloud Computing, Power Consumption and Environmental Issues

There is a heated ongoing debate pitting those claiming that cloud computing is gobbling up resources, as large cloud and social networking sites need daily megawatts of power to feed insatiable computing needs, against those who claim that the computing model is indeed saving power from millions of servers left idling daily and consuming more power.

What is your opinion?


Cloud Computing Security, Reliability, Availability and Compliance Issues

Cloud users normally “trust” cloud service providers with their data like they trust banks with their money.

This means that they expect the three issues of security, availability and performance to be of little concern to them as they are with their banks. This depends on:

– Cloud Computing Actors, Their Roles and Responsibilities
– Security of Data and Applications in the Cloud
    Hypervisor Security
    Securing Load Balancers
    Virtual Operating Systems Security
– Security of Data in Transition - Cloud Security Best Practices
    Service Level Agreements (SLAs)
    Data Encryption
    Web Access Points Security
    Compliance
