cloud computing security, risks, pros and cons, risk mitigation, challenges

letheyabala 51 views 30 slides Aug 27, 2024
Slide 1
Slide 1 of 30
Slide 1
1
Slide 2
2
Slide 3
3
Slide 4
4
Slide 5
5
Slide 6
6
Slide 7
7
Slide 8
8
Slide 9
9
Slide 10
10
Slide 11
11
Slide 12
12
Slide 13
13
Slide 14
14
Slide 15
15
Slide 16
16
Slide 17
17
Slide 18
18
Slide 19
19
Slide 20
20
Slide 21
21
Slide 22
22
Slide 23
23
Slide 24
24
Slide 25
25
Slide 26
26
Slide 27
27
Slide 28
28
Slide 29
29
Slide 30
30

About This Presentation

cloud computing security, risks, pros and cons

Size: 106.39 KB
Language: en
Added: Aug 27, 2024
Slides: 30 pages

Slide Content

"The Current State of Data Security in the Cloud" 1. Introduction to Cloud Computing and Data Security Cloud Computing Benefits: Offers improved interoperability (easy integration with other systems) and cost savings. Security Concerns: Some argue that cloud computing shouldn't be widely used until security issues with third-party control of information are resolved. 2. Traditional Data Security Focus Data Center Security: Initially, data security focused on protecting access to the physical data centers where cloud data is stored. Emerging Challenges: Simply securing data centers is no longer enough as data often exists outside these centers.

3. New Approach to Data Security Data as Fluid Objects: Cloud data is fluid, meaning it can move across different locations and devices. Concentric Circles of Security: Security should be layered, with different levels of protection based on where and how data is accessed. 4. The Dichotomy of Data Security and Open Access Balancing Security and Flexibility: The challenge is to secure data without restricting its movement and accessibility, a seemingly contradictory goal. Risk Mitigation: Security is about managing risks by applying appropriate levels of protection based on accessibility needs. 5. Content-Centric or Information-Centric Security New Security Perspective: The focus is shifting to protecting the data itself rather than just securing the perimeter (like a firewall around a building).

Jericho Forum's Contribution: A group of Chief Information Officers (CIOs) formed the Jericho Forum to promote this new security model, which is particularly relevant for cloud computing. 6. De-Perimeterization Concept De-Perimeterization: Instead of relying on a fixed perimeter (like a firewall) to secure data, security is embedded within the data object itself, allowing it to move securely wherever it goes. Application to Cloud Computing: This approach is key to securing data in the cloud, as it aligns with the nature of cloud data, which is accessible from multiple locations and devices. 7. Conclusion Future of Data Security: The shift towards content-centric security is essential for the future of cloud computing, enabling secure data exchange and flexibility in a cloud environment.

"Cloud Computing and Data Security Risk" 1. Introduction to Cloud Computing Risks Cloud Computing: Enables open accessibility and easier data sharing by storing data in data centers managed by third-party providers like Google, Amazon, and Microsoft. Key Risks: Data Hijacking During Upload: Data can be intercepted during the upload process. Data Encryption: Data must be encrypted in storage to prevent unauthorized access. Access Control: It's crucial to control who can access the data, including cloud provider administrators. 2. Access Control Challenges Increased Accessibility = Increased Risk: The open nature of cloud computing makes access control more critical.

Information-Centric Access Control: Instead of traditional access control lists, access rules should be linked to specific data objects to maintain security without compromising usability. 3. Risks During Data Use Security in Collaboration: Data security should be maintained even when data is being used or shared in collaborative environments. Cross-Border Data Concerns: Cloud computing often involves hosting data in different countries, complicating compliance with data security laws. 4. New Security Challenges in Cloud Computing Emerging Communication Methods: Technologies like Web 2.0, social networking, and mashups (composite applications) introduce new risks for data security. Mashup Security Risks: These can leak sensitive data or compromise data integrity if not properly secured

5. Public Perception and Research Findings Security as a Major Concern: Research shows that security is a significant barrier to cloud computing adoption. IDC Survey: 74.6% of respondents identified security as the main challenge in adopting cloud technology. 6. Mitigating Cloud Security Risks Content-Centric Security: Security should be built into the data itself, ensuring protection throughout its life cycle. Encryption and Access Control: These are vital to maintaining data security in the cloud, especially for mashups and other dynamic content-sharing technologies. Security Policies: They should be tied to data access methods to maintain protection even after data is accessed.

7. Conclusion Layered Risk Profile: Cloud security must be approached as a multi-layered issue. Each layer represents a different level of risk, but all must be addressed cohesively to avoid vulnerabilities .

"Content Level Security—Pros and Cons" 1. Introduction to Content-Centric Security Content-Centric Security: Focuses on protecting the actual content (e.g., text within a document) rather than just the file containing the content. Granular Control: Allows for more detailed and flexible security options, like controlling who sees specific parts of a document and what they can do with it. 2. Example: Securing a Sensitive Document Scenario: A merger and acquisition (M&A) draft document is shared among multiple parties, both internal and external. Content-Centric Benefits: Access Control: Can restrict access to certain sections of the document based on the user’s identity. Persistent Security: Ensures that security measures stay in place even if the document is downloaded or shared.

Auditing and Time-Limited Access: You can track who accesses the document and limit how long they can view it. Protection from Cloud Vendors: The document can be stored in a third-party cloud without the cloud vendor being able to access it. 3. Digital Identity and Information Cards Digital Identity: Security policies are linked to the identity of the person accessing the content. Information Cards: These cards contain specific claims (like email addresses or security clearances) that determine who can access the document. These claims can be managed and revoked if needed .

4. Pros of Content-Centric Security Granular Access Control: Allows for very specific control over who can access different parts of a document. Persistent Protection: Security stays with the content no matter where it goes, even on third-party servers. Enhanced Security: Even administrators of the cloud storage cannot access the content without proper authorization. Dynamic Control: Access rights can be changed or revoked as needed, offering flexibility in managing sensitive information. 5. Cons of Content-Centric Security Complexity: Content-centric security is more complex to implement compared to container-based security. Compatibility Issues: It needs to be compatible with existing database security and data transfer protocols.

Storage and Query Challenges: Protecting content across different storage types and during dynamic data updates can be difficult. Programmatic Problems: Retaining protection within the structure of the database requires sophisticated programming. 6. Container-Based Security: Simpler but Less Granular Container-Based Security: Simpler approach, focusing on encrypting the file or database as a whole. Encryption: Applied during storage and transfer, ensuring basic security but with less control over specific content within the file. Redundant Storage Issues: Synchronizing data across multiple storage locations can be more problematic for container-based security.
Tags
cloud computing security
Categories
Technology
Download
Download Slideshow Get the original presentation file
Quick Actions
Statistics
  • Views 51
  • Slides 30
  • Age 462 days
Related Slideshows
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx 11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
45 views
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx 10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
45 views
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx 13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
36 views
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx 11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
33 views
Know for Certain 21
Know for Certain
DaveSinNM
20 views
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx 17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
24 views
View More in This Category