chapitre1-cloud security basics-23 (1).pptx

GhofraneFerchichi2 46 views 34 slides May 05, 2024

About This Presentation

The basics of cloud security


Slide Content

Cloud Computing Security. Ms. Manel Medhioub [email protected] 5 ArcTIC Esprit 2022-2023

Progress. Duration: 30 Hours, 10 weeks; 3 hours/lesson. Blended learning. Online digital media (GC): activities, test, on-line courses… Coursework. Traditional classroom (physical presence). 100% Final Exam. One mark filed.

Chapters: Introduction to Cloud Computing security; Cloud Computing Security requirements; Cloud Computing security threats/vulnerabilities; Cloud Computing security attacks; Cloud Computing security mechanisms; Identity and access management; Governance, Compliance and Risk Management; Trust; Security in software development.

Cloud Security. Manel Medhioub [email protected] Chapter 1: Introduction to Cloud Computing Security. 5 ArcTIC Esprit 2022-2023

Lesson plan: Cloud Computing Overview; Terminology and Principles; Security Concerns of Cloud Computing; Cloud Security Reference Model.

Cloud Computing Overview: Definition. Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. (NIST Special Publication 500-322, February 2018)

Cloud Computing Overview: The Concept [figure]

Security Concerns of Cloud Computing. In the information security space, in general, the maturity of a particular technology can relate, at least in part, to how secure it actually is. The cloud computing model is no exception among new computing models, which always face problems such as security. Significant security concerns need to be addressed when considering moving critical applications and sensitive data to public and shared cloud environments.

Security Concerns of Cloud Computing. Moving business data to the cloud means that responsibility for data security becomes shared with the cloud provider. In fact, securing the cloud and its resources is all the more critical for cloud providers, for the survival of their own business.

Security Concerns of Cloud Computing. A cloud is a target-rich environment for malicious individuals and criminal organizations. The overlapping of trust boundaries can provide malicious cloud consumers (human and automated) opportunities to attack IT resources and steal or damage business data.

Security Concerns of Cloud Computing. Along with its benefits, cloud computing also presents a number of security issues that have restricted its deployment to date. Figure: Reasons customers migrate to the cloud computing environment (Ponemon Institute, April 2011).

Security Concerns of Cloud Computing. Figure: Obstacles to your adoption of cloud computing (Source: TechTarget Cloud Infrastructure Research Survey, 2Q 2014).

Security Concerns of Cloud Computing. Figure: "The 2016 Global Cloud Data Security Study," conducted by the Ponemon Institute.

Security Concerns of Cloud Computing (two figure slides). Source: https://www.infoworld.com/article/3561269/the-2020-idg-cloud-computing-survey.html

Terminology and Principles. Cloud security is an evolving sub-domain of computer security, network security, and, more broadly, information security. It refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing.

Terminology and Principles. Information Security: This term refers to a broad field that has to do with the protection of information and information systems. The objective of information security is to protect information as well as information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

Terminology and Principles. Confidentiality: “Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.” Within cloud environments, confidentiality primarily pertains to restricting access to data in transit and storage. Figure: The message issued by the cloud consumer to the cloud service is considered confidential only if it is not accessed or read by an unauthorized party.

Terminology and Principles. Integrity is the characteristic of not having been altered by an unauthorized party. Integrity can extend to how data is stored, processed, and retrieved by cloud services and cloud-based IT resources. A cloud consumer should be guaranteed that the data it transmits to a cloud service matches the data received by that cloud service.

Terminology and Principles. Figure: The message issued by the cloud consumer to the cloud service is considered to have integrity if it has not been altered.
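
One way a cloud service can check that the message it received matches what the cloud consumer sent, as an added example that is not part of the original slides: the consumer attaches an HMAC-SHA256 tag and the service recomputes it. The shared key, the request paths and the five-minute freshness window are assumptions made for the illustration, and the freshness check goes slightly beyond what the slide states.

```python
import hashlib
import hmac

# Constructed demo key; a real key is provisioned out of band and never travels with the message.
SHARED_KEY = b"constructed-demo-key"
MAX_AGE_SECONDS = 300  # assumption: the service rejects messages older than five minutes


def canonical(method, path, timestamp, body):
    # Length-prefix each field so two different requests never serialize to the same bytes.
    fields = [method.upper().encode(), path.encode(), str(timestamp).encode(), body]
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def sign_request(key, method, path, body, timestamp):
    """Cloud consumer side: tag everything the service will act on."""
    tag = hmac.new(key, canonical(method, path, timestamp, body), hashlib.sha256).hexdigest()
    return {"method": method, "path": path, "timestamp": timestamp, "body": body, "tag": tag}


def verify_request(key, msg, now):
    """Cloud service side: return 'ok', 'altered' or 'stale'."""
    data = canonical(msg["method"], msg["path"], msg["timestamp"], msg["body"])
    expected = hmac.new(key, data, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, msg["tag"]):  # constant-time comparison
        return "altered"
    if abs(now - msg["timestamp"]) > MAX_AGE_SECONDS:
        return "stale"
    return "ok"


def demo():
    t0 = 1_700_000_000  # constructed clock value
    sent = sign_request(SHARED_KEY, "PUT", "/reports/q3.csv", b"total=1200", t0)
    return {
        "intact": verify_request(SHARED_KEY, sent, t0 + 5),
        "body_changed": verify_request(SHARED_KEY, dict(sent, body=b"total=9200"), t0 + 5),
        "path_changed": verify_request(SHARED_KEY, dict(sent, path="/public/q3.csv"), t0 + 5),
        "replayed_later": verify_request(SHARED_KEY, sent, t0 + 3600),
        "wrong_key": verify_request(b"another-constructed-key", sent, t0 + 5),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

A plain SHA-256 digest sent alongside the message would not give this guarantee, because whoever alters the body can recompute the digest; the key is what makes the tag unforgeable.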

Terminology and Principles. Availability: “Ensuring timely and reliable access to and use of information.” In typical cloud environments, the availability of cloud services can be a responsibility that is shared by the cloud provider and the cloud carrier.

Terminology and Principles. Authentication: The means to establish a user’s identity, typically by presenting credentials such as a user name and password. Other means include biometric or certificate-based schemes. Auditing: This encompasses various activities that span the generation, collection and review of network, system, and application events to maintain a current view of security.

Terminology and Principles. A threat is a potential security violation that can challenge defenses in an attempt to breach privacy and/or cause harm. Both manual and automated threats are designed to exploit known weaknesses, also referred to as vulnerabilities. A threat that is carried out results in an attack.

Terminology and Principles. Threat agent: someone or something with some capacity, a clear intention to manifest a threat, and a record of past activities in this regard. Weakness: a type of mistake in software, in operations and in the infrastructure that, in the right conditions, could contribute to introducing vulnerabilities. This term applies to mistakes in software, regardless of whether they occur in implementation, design or other phases of the software development life cycle.

Terminology and Principles. Vulnerability: an occurrence of a weakness (or multiple weaknesses) within software, operations or infrastructure, in which the weakness can be used by a party to perform actions that were not specifically granted to the party who takes advantage of the weakness. Impact: the effect of an event, incident or occurrence. In cybersecurity, this means the effect of a loss of the confidentiality, integrity or availability of information on an organization’s operations, an organization’s assets, individuals, other organizations or national interests.

Terminology and Principles. Risk is the possibility of loss or harm arising from performing an activity. Risk is typically measured according to its threat level and the number of possible or known vulnerabilities. Two metrics that can be used to determine risk for an IT resource are: (1) the probability of a threat occurring to exploit vulnerabilities in the IT resource; (2) the expectation of loss upon the IT resource being compromised.

Terminology and Principles. Security Mechanisms: Countermeasures are typically described in terms of security mechanisms, which are components comprising a defensive framework that protects IT resources, information, and services. Security Policies: A security policy establishes a set of security rules and regulations. Often, security policies will further define how these rules and regulations are implemented and enforced.


Terminology and Principles: Security as a Service. An emerging trend is the offering of security as a service (SecaaS) to address a number of cloud security needs. The outsourcing of security according to SaaS principles is referred to as Security as a Service (SecaaS). It attempts to respond to the numerous security gaps that exist in diverse cloud implementations. Several security tools available in non-cloud environments could be offered, such as: IDS as a Service, Virus Protection as a Service, Logging as a Service, Identity Management as a Service, Cryptography as a Service…

Terminology and Principles: Security as a Service. Cloud customers who choose to use SecaaS options may have access to a diverse set of services which can address their security issues. Multiple Services: in the cloud, an organization could select from multiple SecaaS solutions that meet the same objectives. On-Demand Costs: security offerings might be better suited for on-demand needs, as they offer the advantage of no permanent investments. Focus: SecaaS providers might be more focused, as they would offer a more specialized profile of services. Readiness: automated failover capabilities and high SLA (service level agreement) assurance might be offered by SecaaS.

Cloud Security Reference Model. A Reference Architecture (RA) “should” provide a blueprint or template architecture that can be reused by others wishing to adopt a similar solution. A Reference Model (RM) should explain the concepts and relationships that underlie the RA.

Figure: Cloud Computing Conceptual Reference Model (NIST Special Publication 500-292), annotated with security components. Actors shown: Cloud Consumer; Cloud Provider (Service Orchestration: Service Layers IaaS, PaaS, SaaS; Resource Abstraction and Control Layer; Physical Resource Layer: Hardware, Facility; Cloud Service Management: Business support, Provisioning/Configuration, Portability/interoperability); Cloud Broker (Service Intermediation, Service Aggregation, Service Arbitrage); Cloud Auditor (Security Audit, Privacy Impact Audit, Performance Audit; secure auditing environment); Cloud Carrier (secure transport support). Security labels on the diagram include: Secure Functional layers, Secure Deployment & service Layers, Secure Service Layers, Secure Cloud Ecosystem Orchestration.

Cloud Security Reference Model. Cloud Consumer: Secure Cloud Consumption Management; Secure Configuration; Secure Portability and Interoperability; Secure Business Support; Secure Organizational Support.

Conclusion. Several efforts are underway to standardize cloud security, including: the Cloud Security Alliance (CSA), European Network and Information Security Agency (ENISA), Cloud Audit (A6), Open Cloud Computing Interface (OCCI). These efforts provide requirements against which entities can evaluate security and privacy.