Security of Cloud Computing

Security of Cloud Computing


hi and welcome in this video I will
discuss various concepts related to cloud computing including its
characteristics, its service models and deployment models and various security
issues related to cloud computing Before moving further please turn on subtitles for this video and do subscribe my channel for similar videos In cloud computing, the storage and
the processing is not performed locally on the system rather it is performed
over the network therefore cloud computing is also known
as internet based computing or remote virtualization because the actual
hardware or infrastructure is virtualized from the user so computing
is performed in the cloud therefore the complexity of this
computing is isolated from the user In cloud computing, the cloud service
provider (CSP) provides a shared pool of storage, networking and processing
resources and this is also known as resource pooling so there are two layers
of these shared pool of resources i.e. first layer is the physical or
Hardware layer i.e. the network devices or the physical servers or
physical storage device, then upon this physical layer, there is layer of abstraction for manifestation of this cloud application to the user or to the cloud
service provider, so there is minimum management overheads on the user and
this cloud infrastructure is being managed by the cloud service provider
and user has no direct interaction or involvement with the physical hardware, so this infrastructure remains transparent to the user now this cloud supports/ compatible with broad range of heterogeneous
devices e.g. your desktops your laptop and your mobile phones cloud service provider manages the data centers which are distributed and these
data centers are available anywhere on the network or over the Internet so the
functions provided by these data centers are distributed geographically using the
edge server and this edge server is also an important concept with regards to
content distribution or content delivery networks (CDN), where the user is provided
services from the server which is located geographically near its
location now cloud provides services to multi tenants that is multiple customers
and one characteristic of cloud is the rapid provisioning of these
services to the user as per the demand of the user and this demand is scaleable
and cloud also provides elasticity it means that you can shut down a
hardware if it is no longer required and then you can turn it on when it is
required and cloud computing also supports self-service it means that the customer
can provide/allocate resources to itself without the
interaction of the cloud service provider so cloud also provides measured/ metered services, it means that you pay as per your use of the cloud resources
and these measured/ metered services are monitored and reported for transparency
and optimization and this report is available for the user and also for the
cloud service provider There are certain issues with the cloud computing and first issue which is the most important issue is the data privacy (data of user) and what user can do is it can perform pre-encryption of
its data before putting it on cloud another aspect is the
compliance to the local policy or the local regulations so before using the
cloud service provider, any organization may investigate the cloud service
provider for the compliance to the organization policies or to the local
laws another concern is related to the geographical location of actual
cloud hardware which is in the control of third party so the user organization
may perform stringent service level agreements (SLAs) and other contracts with the cloud service provider Another concern is the network connectivity which is MUST for using the cloud service provider services another aspect is the limited customization which is available for the user, so in
contracts, the user organization may define the responsibility matrix,
dividing the responsibilities between user organization and the cloud service
provider another aspect of concern is the virtual machine escape or VM
escape because this is actually advanced form of
virtualization therefore any virtual machine if it gets compromised and this
compromise may lead to compromise of other machines another concern that the cloud service provider may go out of business another concern is regarding the disaster recovery mechanisms employed by the cloud service provider now coming over to the service models, so there are basically three service models and these service models are the
software as a service (SAAS) and second one is the platform as a service (PAAS) and third one is the infrastructure as a service (IAAS) In Software as a service (SaaS), the user
has minimum control and therefore minimum operational operations overheads and then in platform as a service (PaaS), the user has more control over the cloud and therefore more overheads and in infrastructure as ar service (IaaS), the user has maximum control over the cloud infrastructure and therefore maximum
overheads An example of software as a service (SaaS) is that, the user may use
the application which is being provided by the cloud service provider. so user is only the user of this application. Terminologies related to Software as a service (SaaS), is Security of a service (SECaaS) where the security is provided as
software only Security by the cloud service provider e.g. vulnerability testing, penetration testing, antivirus services Another related concept is the Cloud Access Security Broker(CASB) which is basically a policy enforcer between cloud service provider and the
user organization now the second model is the platform as-a-service (PaaS)
an example of this platform as a service is that, you are provided with a platform
to deploy a specific application and third is the infrastructure as a
service (IaaS), where you can deploy any operating system or any application There are four deployment models i.e. Private Cloud, which is a dedicated
cloud for single organization. Community Cloud which is the
cloud for similar stakeholders Public cloud which is open for
all Hybrid cloud which is combinations of all three above deployment models now first of all, I will go further into the details of these service models so once we talk about software as a Service (SaaS), the user has to just use the application which is provided by
the cloud service provider and user has only control over the user specific
configuration of this application e.g. this application can be
accessible from thin client interface e.g. your web browser and using
this web browser you are accessing this application e.g. email
application provided by the Gmail or any other program interface, so there is no
licensing cost over other operational or hardware cost for the user, but there is
a subscription cost for using this application, so there is more
subscription cost and less operational and maintenance or upfront cost Platform-as-a-service (PaaS), the
operating systems and programming tools are provided by a cloud service provider
and user just has to use this software stack and to deploy its own application
so user can just deploy its application then third is the Infrastructure-as-a-Service (IaaS), In Infrastructure-as-a-Service (IaaS), the virtualized infrastructure in shape of processing virtual Servers/ memory/ storage is provided to the user and also the network but the actual hardware
is never provided to the user so actual Hardware still remains the
responsibility of cloud service provider once we talk about the further details
of deployment models, then in private cloud, it is deployed for
single organization and it may be operated by this organization or it may
be operated by the third party or it may be located on the premises of the user
organization and it may be located off the premises and on the premises of the
cloud service providers so once it is located on the premises of the
organization then organization has more control but it has more operational and
maintenance overheads and more upfront cost of hardware and licensing cost but
there is no subscription cost and once it is located off the premises of the
user organization but on the premises of the cloud service provider then all the
upfront cost and hardware cost and or the licensing cost is bear by the
cloud service provider and the user is only responsible for subscription cost
that is monthly now once we talk about community cloud so organization with similar/ shared concern or shared policy or security concern can deploy this community cloud and it may be operated by the any member of this community or it may be
operated by the third party and it may be located on the premises of any of the organization in the community or it may be located on
the premises of a third party or on the premises of cloud service
provider 3rd deployment model is the public cloud which is all open cloud for use of everyone, maybe on the Internet and it may be owned by the any
business/ academia/ government and it is located only on the premises
of the cloud service provider 4th Deployment Model is the hybrid model which is combinations of all above deployment models i.e. private cloud, community
cloud and public cloud so in this hybrid cloud, the private cloud operates in a
distinct manner as a distinct entity may be from the public cloud e.g.
using private cloud for certain critical services and you are using the public
cloud cloud for less critical services or maybe you are using the private cloud
and once the load is more on the cloud then you are shifted to the public cloud
and this is also called cloud bursting where you shift the load
of the cloud services to maybe the public cloud or other cloud deployment
model

Leave a Reply

Your email address will not be published. Required fields are marked *