Cloud Technologies
MODULE 2
Grid Computing
• What is Grid?
• Provider: The computer that contributes its resources in the resource pool.
Centralized Decentralized
• Why upgrade?
Scenario 1
• Applications that cannot tolerate Latency.
• Health Care
• Financial Transactions
• Automated Systems
Scenario 2 : Growth of IoT devices
Edge Computing
• Edge computing is an optimization of the cloud that moves
compute closer to the source of data, to the edge.
• Edge in this context means literal geographic distribution.
• Edge computing is computing that’s done near the source of
data instead of in the cloud.
• It doesn’t mean the cloud will disappear. It means the cloud
is coming to you.
Edge Computing Architecture
Three-Level Architecture
• First Level
• Cloud Infrastructure
• Second Level
• Cloudlets with state cached from first level
• Third Level
• Edge devices (Mobile/IoT devices)
Cloudlets (Edge)
• An enhanced small-scale cloud data center that is located at the edge
of source.
Data Processing in Edge
Benefits
• Highly responsive Cloud Services.
• Low Latency
• Scalability
• Privacy policy enforcement
• Cloudlet enforces the privacy policies of its owner prior to the release of the
data to the cloud
• Masking cloud outages
• If cloud service becomes unavailable, a nearby cloudlet can temporarily mask
the failure.
Challenges
• Limited Scalability:
• Fog is not as scalable as the cloud
Cloud Security
• Cloud security is the process of protecting computing systems and
resources that reside in the cloud.
• Computing Environments: The location of computing resources. The
environment can be private, public, hybrid or multi-cloud.
• Infrastructures: Virtual Machines
• Platforms: Application development resources like OS.
• Software: Cloud-based software such as Google Docs.
• Databases: Such as storage, recovery and backup.
Cloud Threats
• Identity Theft
• Attacker steals cloud account information such as emails and passwords.
• Uses this account to impersonate the account owner.
• Data Breach
• Theft of private data and corporate information.
• Insider threats
• When authorized users use their privileges inappropriately or fraudulently.
Cloud Threats
• Misconfiguration of Cloud resources
• When assets are set up incorrectly, they are vulnerable to attack.
• Ex: The Capital One breach exposed Amazon S3 buckets because of a firewall misconfiguration.
• https://edition.cnn.com/2019/07/29/business/capital-one-data-breach/index.html
Cloud Threats
• Denial of Service attacks (DoS)
• Hacker floods a system with more web traffic than it can handle at its peak.
• It makes the users/customers unable to access the system.
• https://blog.storagecraft.com/7-infamous-cloud-security-breaches/
• https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html
• https://www.f5.com/labs/articles/threat-intelligence/is-the-cloud-safe--part-2--breach-highlights-for-the-past-3-years
Solutions
• User Identity and Access Management (IAM)
• Provides advanced management of user roles and access privileges.
• IAM defines who gets to use a cloud resource, how and even when.
• Alerts based on monitored behavior.
• Preconfigured response to anomalous activity.
• 2FA (2 Factor Authentication)
• SAML (Security Assertion Markup Language)
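The idea that IAM decides who gets to use a resource, how and when, with refused requests feeding alerts, sketched as an added example (not part of the original slides). The roles, resource names, time windows and sample requests are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import time


@dataclass(frozen=True)
class Rule:
    role: str                 # who may act
    action: str               # how: "read", "write", ...
    resource: str             # what; a trailing "*" matches any suffix
    start: time = time.min    # when: window start (inclusive)
    end: time = time.max      # when: window end (inclusive)
    require_2fa: bool = False


# Constructed sample policy; role and resource names are hypothetical.
POLICY = [
    Rule("analyst", "read", "reports/*", time(8, 0), time(18, 0)),
    Rule("admin", "write", "reports/*", require_2fa=True),
]


def _matches(pattern: str, resource: str) -> bool:
    if pattern.endswith("*"):
        return resource.startswith(pattern[:-1])
    return pattern == resource


def is_allowed(role, action, resource, at, has_2fa=False, policy=POLICY):
    """Deny by default: allow only when a rule matches who, how and when."""
    for rule in policy:
        if (rule.role == role and rule.action == action
                and _matches(rule.resource, resource)
                and rule.start <= at <= rule.end
                and (has_2fa or not rule.require_2fa)):
            return True
    return False


def denied(requests, policy=POLICY):
    """Return the requests that were refused, as input for alerting."""
    return [r for r in requests if not is_allowed(*r, policy=policy)]


# Constructed requests: (role, action, resource, time of day, has_2fa)
SAMPLE = [
    ("analyst", "read", "reports/q1.csv", time(9, 30), False),
    ("analyst", "read", "reports/q1.csv", time(23, 5), False),  # outside hours
    ("admin", "write", "reports/q1.csv", time(23, 5), False),   # no second factor
    ("admin", "write", "reports/q1.csv", time(23, 5), True),
]
```

Anything no rule explicitly matches is refused, so an unknown role or an unlisted resource is denied without needing a rule of its own.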
Solutions
• Prevent Data Loss by setting up Backup and Recovery Solutions
• Backup: Using backup solutions and safeguarding duplicate copies of the data
in another repository.
• Backups must be on a separate cloud account.
• Backups are done on a continuous basis.
• Archives: Archives are great for large amounts of data that you don’t need
frequently.
• Recovery: Setting up various processes for recovering lost data.
Solutions
• Monitor for compliance & secure configuration
Cloud Security Model
• C I A Model
• A simple but widely applicable security model. CIA stands for:
• Confidentiality
• Integrity
• Availability
• These are the three key principles which should be guaranteed in any
kind of security system.
CIA Model
• Confidentiality:
• Ability to hide information from people who are unauthorized to view it.
• It is the principle that is attacked most often.
• Cryptography and encryption methods are an example of an attempt
to ensure confidentiality of data transfer.
CIA Model
• Integrity:
• Ability to ensure that data is accurate and unchanged.
• This attack happens when an intruder intercepts important data and
makes changes before it reaches the receiver.
CIA Model
• Availability:
• Information is readily accessible to the authorized person all the time.
• Denial-of-service attacks happen most often.