Professional Documents
Culture Documents
1.ISSUES IN CLOUDS
Cloud computing has become a social phenomenon used by most people every day. As with
every important social phenomenon there are issues that limit its widespread adoption.
Most issues start from the fact that the user loses control of his or her data, because it is stored on
a computer belonging to someone else (the cloud provider).
This happens when the owner of the remote servers is a person or organization other than the
user; as their interests may point in different directions (for example, the user may wish that his
or her information is kept private, but the owner of the remote servers may want to take
advantage of it for their own business).
Security issues
Physical security
Operational security
Programmatic security
Data issues
Data backup
Data usage
Data loss
Data integrity
Data theft
Performance issue
Design issues
Energy management
Novel cloud architectures
Software Licensing
Reliability
Legal issuues
The Physical Location of your Data
Responsibility of your Data
Intellectual Property Rights
2.FEDERATION IN CLOUD
Permissive federation
Permissive federation occurs when aserver accepts a connection from a peer network
server without verifying its identity using DNS lookups or certificate checking.
The lack of verification or authentication may lead to domain spoofing (the unauthorized
use of a third-party domain name inan email message in order to pretend to be someone
else),
which opens the door to widespread spam and other abuses.
Verified federation
This type of federation occurs when a server accepts a connection from a peer after the
identity of the peer hasbeen verified.
It uses information obtained via DNS and by means of domain-specific keys exchanged
beforehand. The connection is not encrypted, and the use of identity verification
effectively prevents domain spoofing.
To make this work, federation requires proper DNS setup, and that is still subject to DNS
poisoning attacks.
Verified federation has been the default service policy on the open server.
Encrypted federation.
In this mode, a server accepts a connection from a peer if and only if the peer supports
Transport LayerSecurity (TLS) .
The peer must present a digital certificate. The certificate may be self-signed, but this
prevents using mutual authentication.
If this is the case, both parties proceed to weakly verify identity using Server Dialback.
Dialback protocol, which is used between servers to provide identity verification.
Server Dialback uses the DNS as the basis for verifying identity; the basic approach is that
when a receiving server receives a server-to-server connection request from an originating
server, it does not accept the request until it has verified a key with an authoritative server for
the domain asserted by the originating server.
Although Server Dialback does not provide strong authentication or trusted federation, and
although it is subject to DNS poisoning attacks, it has effectively prevented most instances of
address spoofing on the network
This results in an encrypted connection with weak identity verification.
Trusted federation
Here, a server accepts a connection from a peer only under the stipulation that the peer
supports TLS and the peer can present a digital certificate issued by a root certification
authority (CA) that is trusted by the authenticating server.
The list of trusted root CAs may be determined by one or more factors, such as the
operating system, server software, or local service policy.
In trusted federation, the use of digital certificates results not only in a channel encryption
but also in strong authentication.
The use of trusted domain certificates effectively prevents DNS poisoning attacks but
makes federation more difficult, since such certificates have traditionally not been easy to
obtain
The fields of data security and information security design and utilize software,
hardware, and human resources to address this issue.
The ability to control what information one reveals about oneself over the Internet,
and who can access that information, has become a growing concern.
These concerns include whether email can be stored or read by third parties without
consent, or whether third parties can track the web sites someone has visited.
Another concern is whether web sites which are visited collect, store, and possibly
share personally identifiable information about users Privacy is an important business
issue focused on ensuring that personal data is protected from unauthorized and
inappropriate fraudulent activity such as identity theft, email spamming, and
phishing.
Customer information may be “user data” and/or “personal data.” User data is
information collected from a customer, including:
Any data that is collected directly from a customer (e.g., entered by
the customer via an application’s user interface)
Any data about a customer that is gathered indirectly (e.g., metadata
in documents)
Any data about a customer’s usage behavior (e.g., logs or history)
Any data relating to a customer’s system (e.g., system configuration,IP
address)
Personal data (sometimes also called personally identifiable information) is any piece of
data which can potentially be used to uniquely identify, contact, or locate a single person
or can be used with other sources to uniquely identify a single individual. Not all
customer/user data collected by a company is personal data. Examples of personal data
include:
Contact information (name, email address, phone, postal address)
Forms of identification (Social Security number, driver’s license,passport,
fingerprints)
Demographic information (age, gender, ethnicity, religious affiliation, sexual
orientation, criminal record)
Occupational information (job title, company name, industry)
Health care information (plans, providers, history, insurance,genetic information)
The Federal Trade Commission is educating consumers and businesses about the
importance of personal information privacy, including the security of personal
information.
Collection: You should have a valid business purpose for developing applications and
implementing systems that collect, use or transmit personal data.
Notice: There should be a clear statement to the data owner of a company’s/providers intended
collection, use, retention, disclosure, transfer, and protection of personal data.
Choice and consent: The data owner must provide clear and unambiguous consent to the
collection, use, retention, disclosure, and protection of personal data.
Use: Once it is collected, personal data must only be used (including transfers to third parties) in
accordance with the valid business purpose and as stated in the Notice.
Access: Personal data must be available to the owner for review and update. Access to personal
data must be restricted to relevant and authorized personnel.
Retention: A process must be in place to ensure that personal data is only retained for the
period necessary to accomplish the intended business purpose or that which is required by law.
Disposal: The personal data must be disposed of in a secure and appropriate manner (i.e., using
encryption disk erasure or papershredders).
the following observations on the future of policy and confidentiality in the cloud computing
environment:
Responses to the privacy and confidentiality risks of cloud computing include better
policies and practices by cloud providers more vigilance by users, and changes to laws.
The cloud computing industry could establish standards that would help users to analyze
the difference between cloud providers and to assess the risks that users face.
Users should pay more attention to the consequences of using a cloud provider and,
especially, to the provider’s terms of service.
For those risks not addressable solely through policies and practices, changes in laws may
be needed.
5.SECURITY IN CLOUD
Cloud computing security is the set of control-based technologies and policies designed
to adhere to regulatory compliance rules and protect information, data applications and
infrastructure associated with cloud computing use.
Because of the cloud's very nature as a shared resource, identity management, privacy
and access control are of particular concern.
With more organizations using cloud computing and associated cloud providers for data
operations, proper security in these and other potentially vulnerable areas have become a
priority for organizations contracting with a cloud computing provider.
Cloud computing security processes should address the security controls the cloud
provider will incorporate to maintain the customer's data security, privacy and
compliance with necessary regulations.
The processes will also likely include a business continuity and data backup plan in the
case of a cloud security breach.
Cloud security architecture is effective only if the correct defensive implementations are
in place.
An efficient cloud security architecture should recognize the issues that will arise with
security management.
The security management addresses these issues with security controls.
These controls are put in place to safeguard any weaknesses in the system and reduce the
effect of an attack.
While there are many types of controls behind a cloud security architecture, they can
usually be found in one of the following categories:
Deterrent controls
These controls are intended to reduce attacks on a cloud system. Much like a warning sign on a
fence or a property, deterrent controls typically reduce the threat level by informing potential
attackers that there will be adverse consequences for them if they proceed. (Some consider them
a subset of preventive controls.)
Preventive controls
Preventive controls strengthen the system against incidents, generally by reducing if not actually
eliminating vulnerabilities. Strong authentication of cloud users, for instance, makes it less likely
that unauthorized users can access cloud systems, and more likely that cloud users are positively
identified.
Detective controls
Detective controls are intended to detect and react appropriately to any incidents that occur. In
the event of an attack, a detective control will signal the preventative or corrective controls to
address the issue.[8] System and network security monitoring, including intrusion detection and
prevention arrangements, are typically employed to detect attacks on cloud systems and the
supporting communications infrastructure.
Corrective controls
Corrective controls reduce the consequences of an incident, normally by limiting the damage.
They come into effect during or after an incident. Restoring system backups in order to rebuild a
compromised system is an example of a corrective control.
There are a number of security risks associated with cloud computing that must be
adequately addressed
Loss of governance.
Responsibility ambiguity.
Authentication and Authorization
Isolation failure
Compliance and legal risks
Malicious behavior of insiders.
Business failure of the provider
Security as a Service (SecaaS ) is a cloud computing model that delivers managed security
services over the Internet.
SecaaS is based on the Software as a Service (SaaS) model but limited to specialized
information security services
SecaaS facilitates the provisioning of managed security services from the cloud, which benefits
organizations in the following ways:
Reduced costs: SecaaS solutions are provided on a monthly rental basis and per license
purchased.
Ease of management: A service provider delivers total management of cloud security services,
security policies, and general administration. Customizable and scalable services range from
anti-virus/malware to outsourced security suite developers.
Continuous anti-virus updates: SecaaS services ensure that security software is maintained
with the most current virus definition and security updates.
seven security issues which one should discuss with a cloud-computing vendor:
—Inquire about who has specialized access to data, and about the hiring and management of
such administrators.
2.Regulatory compliance
—Make sure that the vendor is willing to undergo external audits and/or security certifications.
3.Data location
—Does the provider allow for any control over the location of data?
4.Data segregation
—Make sure that encryption is available at all stages, and that these encryption schemes were
designed and tested by experienced professionals.
5.Recovery
—Find out what will happen to data in the case of a disaster. Do they offer complete restoration?
If so, how long would that take?
6.Investigative support
—Does the vendor have the ability to investigate any inappropriate or illegal activity?
7.Long-term viability
—What will happen to data if the company goes out of business? How will data be returned, and
in what format
The baseline security practices for the SaaS environment as currently formulated are
discussed in the following
The SDLC consists of six phases, and there are steps unique to the SecSLDC in each of phases:
Phase 1.Investigation:
Define project processes and goals, and document them in the program security policy.
Phase 2.Analysis:
Analyze existing security policies and programs ,analyze current threats and controls, examine
legal issues, and perform risk analysis.
Develop a security blueprint, plan incident response actions, plan business responses to disaster,
and determine the feasibility of continuing and/or outsourcing the project.
Phase 5.Implementation:
Buy or develop security solutions. At the end of this phase, present a tested package to
management for approval.
Phase 6.Maintenance:
CASE STUDY:
7.ANEKA
Aneka plays the role of Application Platform as a Service for Cloud Computing.
Aneka supports various programming models involving Task Programming, Thread
Programming and MapReduce Programming and tools for rapid creation of applications
and their seamless deployment on private or public Clouds to distribute applications.
Business Value
Improved reliability
Simplicity
Faster time to value
Operational Agility
Definite application performance enhancement
Optimizing the capital expenditure and operational expenditure
aneka Management includes a Graphical User Interface (GUI) and APIs to set-up,
monitor, manage and maintain remote and global Aneka compute clouds. Aneka also has
an accounting mechanism and manages priorities and scalability based on SLA/QoS
which enables dynamic provisioning.
Aneka provides APIs and tools that enable applications to be virtualized over a
heterogeneous network.
Aneka Architecture
A service-level agreement (SLA) is a contract between a service provider and its internal or
external customers that documents what services the provider will furnish and defines the
performance standards the provider is obligated to meet.
SLAs establish customer expectations with regard to the service provider's performance and
quality in a number of ways.
Availability and uptime -- the percentage of the time services will be available.
Specific performance benchmarks to which actual performance will be periodically
compared.
Application response time.
The schedule for notification in advance of network changes that may affect users.
Help desk response time for various classes of problems.
Usage statistics that will be provided.
An SLA may specify availability, performance and other parameters for different types of
customer infrastructure -- internal networks, servers and infrastructure components such as
uninterruptable power supplies, for example.
SLAs are thought to have originated with network service providers, but are now widely
used in a range of IT-related fields.
Companies that establish SLAs include IT service providers, managed service providers,
and cloud computing service providers.
Corporate IT organizations, particularly those that have embraced IT service management
(ITSM), enter SLAs with their in-house customers (users in other departments within the
enterprise).
An IT department creates an SLA so that its services can be measured, justified and
perhaps compared with those of outsourcing vendors.
Service providers need SLAs to help them manage customer expectations and define the
circumstances under which they are not liable for outages or performance issues.
Customers can also benefit from SLAs in that they describe the performance
characteristics of the service, which can be compared with other vendors' SLAs, and also
set forth the means for redressing service issues -- via service credits, for example.
For a service provider, the SLA is typically one of two foundational agreements it has
with customers.
Many service providers establish a master services agreement to establish the general
terms and conditions in which it will work with customers.
The SLA is often incorporated by reference into the service provider's master services
agreement. Between the two service contracts, the SLA adds greater specificity regarding
the services provided and the metrics that will be used to measure their performance.
Customer-based SLA: An agreement with an individual customer group, covering all the
services they use. For example, an SLA between a supplier (IT service provider) and the
finance department of a large organization for the services such as finance system, payroll
system, billing system, procurement/purchase system, etc.
Service-based SLA: An agreement for all customers using the services being delivered by
the service provider. For example:
A mobile service provider offers a routine service to all the customers and offers certain
maintenance as a part of an offer with the universal charging.
An email system for the entire organization. There are chances of difficulties arising in this
type of SLA as level of the services being offered may vary for different customers (for
example, head office staff may use high-speed LAN connections while local offices may
have to use a lower speed leased line).
Multilevel SLA: The SLA is split into the different levels, each addressing different set of
customers for the same services, in the same SLA.
Corporate-level SLA: Covering all the generic service level management (often abbreviated
as SLM) issues appropriate to every customer throughout the organization. These issues are
likely to be less volatile and so updates (SLA reviews) are less frequently required.
Customer-level SLA: covering all SLM issues relevant to the particular customer group,
regardless of the services being used.
Service-level SLA: covering all SLM issue relevant to the specific services, in relation to
this specific customer group.
Components
A well defined and typical SLA will contain the following components:
Type of service to be provided: It specifies the type of service and any additional details of
type of service to be provided. In case of an IP network connectivity, type of service will
describe functions such as operation and maintenance of networking equipments, connection
bandwidth to be provided, etc.
The service's desired performance level, especially its reliability and responsiveness: A
reliable service will be the one which suffers minimum disruptions in a specific amount of
time and is available at almost all times. A service with good responsiveness will perform the
desired action promptly after the customer requests for it.
The steps for reporting issues with the service: This component will specify the contact
details to report the problem to and the order in which details about the issue have to be
reported. The contract will also include a time range in which the problem will be looked
upon and also till when the issue will be resolved.
Response and issue resolution time-frame: Response time-frame is the time period by
which the service provider will start the investigation of the issue. Issue resolution time-
frame is the time period by which the current service issue will be resolved and fixed.
Monitoring process and service level reporting: This component describes how the
performance levels are supervised and monitored. This process involves gathering of
different type of statistics, how frequently this statistics will be collected and how this
statistics will be accessed by the customers.
Repercussions for service provider not meeting its commitment: If the provider is not
able to meet the requirements as stated in SLA then service provider will have to face
consequences for the same. These consequences may include customer's right to terminate
the contract or ask for a refund for losses incurred by the customer due to failure of service..