20-09-2016, 09:21 AM
1455210397-urce.doc (Size: 1.05 MB / Downloads: 8)
ABSTRACT-
Cloud computing is basically an Internet-based network made up of large numbers of servers - mostly based on open standards, modular and inexpensive. Clouds
Contain vast amounts of information and provide a variety of services to large numbers of people. The benefits of cloud computing are Reduced Data Leakage, Decrease evidence acquisition time, they eliminate or reduce service downtime, they Forensic readiness, they Decrease evidence transfer time The main factor to be discussed is security of cloud computing, which is a risk factor involved in major computing fields
Introduction to Cloud Computing
Definition:- Cloud Computing to be the renting of infrastructure and software, as well as bandwidths, under defined service conditions. These components should be able to be adjusted daily to the needs of the customer and offered with the utmost availability and security. Included in Cloud Computing are end-2-end service level agreements (SLAs) and use-dependent service invoices
User of the cloud only care about the service or information they are accessing - be it from their PCs, mobile devices, or anything else connected to the Internet - not about the underlying details of how the cloud works.
History:-The Cloud is a metaphor for the Internet, derived from its common depiction in network diagrams as a cloud outline.
The underlying concept dates back to 1960 when John McCarthy opined that "computation may someday be organized as a public utility" (indeed it shares characteristics with service bureaus which date back to the 1960s) and the term
The Cloud was already in commercial use around the turn of the 21st century. Cloud computing solutions had started to appear on the market,though most of the focus at this time was on Software as a service.2007 saw increased activity, including Goggle, IBM and a number of universities embarking on a large scale cloud Computing research project, around the time the term started gaining popularity in the mainstream press. It was a hot topic by mid-2008 and numerous cloud computing events had been scheduled
In present discussions about Cloud Computing, it is often ignored that high-performance networks represent an essential basis of the cloud construct. Consequently, the starting point of Cloud Computing would have to be linked with the development of the Internet. The various accesses to and views of Cloud Computing, and its respective origins led to differing definitions and to its strongly diverging public perception. The significance of the topic, however, became evident, in that not only specialized media were writing about it, but also popular magazines
DRIVING CLOUD COMPUTING
The CLOUD COMPUTING is driving in two types of categories .They are as follows:
Customer perspective
Vendor perspective
Customer perspective:
In one word: economics
Faster, simpler, cheaper to use cloud computation.
No upfront capital required for servers and storage.
No ongoing for operational expenses for running data center.
Application can be run from anywhere.
Vendor perspective:
Easier for application vendors to reach new customers.
Lowest cost way of delivering and supporting applications.
Ability to use commodity server and storage hardware.
Ability to drive down data center operational cots.
VISIBILITY
Types by visibility:
Public cloudublic cloud or external cloud describes cloud computing in the traditional mainstream sense,whereby resources are dynamically provisioned on a fine-grained, self-service basis over the Internet, via web applications/web services, from an off-site third-party provider who shares resources and bills on a fine-grained utility computing basis.
Hybrid cloud:
A hybrid cloud environment consisting of multiple internal and/or
external providers"will be typical for most enterprises".A hybrid cloud can describe configuration combining a local device,such as a Plug computer with cloud services. It can also describe configurations combining virtual and physical, co-located assets for example, a mostly virtualized environment that requires physical servers, routers, or other hardware such as a network appliance acting as a firewall or spam filter .
Private cloud:
Private cloud and In Ternal cloud are neologisms that some vendors have recently used to describe offerings that emulate cloud computing on private networks. These products claim to "deliver some benefits of cloud computing without the pitfalls, capitalising on data security, corporate governance, and reliability concerns. They have been criticized on the basis that users "still have to buy, build, and manage them" and as such do not benefit from lower up-front capital costs and less hands-on management, essentially the economic model that makes cloud computing such an intriguing concept".While an analyst predicted in 2008 that private cloud networks would be the future of corporate IT, there is some uncertainty whether they are a reality even within the same firm.
Analysts also claim that within five years a "huge percentage" of small and medium enterprises will get most of their computing resources from external cloud computing providers as they "will not have economies of scale to make it worth staying in the IT business" or be able to afford private clouds.
Analysts have reported on Platform's view that private clouds are a stepping stone to external clouds, particularly for the financial services, and that future data centers will look like internal clouds.The term has also been used in the logical rather than physical sense, for example in reference to platform as a service offerings, though such offerings including Microsoft's zure Services Platform are not available for on-premises deployme
WORK
How does cloud computing works:-computers today are used
mainly by the military, government intelligence agencies,universities and research labs, and large companies to tackle enormously complex calculations for such tasks as simulating nuclear explosions, predicting climate change, designing airplanes, and analyzing which proteins in the body are likely to bind with potential new drugs.Cloud computing aims to apply that kind of power²measured in the tens of trillions of computations per second²to problems like analyzing risk in financial portfolios, delivering personalized medical information, even powering immersive computer games, in a way that users can tap through the Web. It does that by networking large groups of servers that often use low-cost consumer PC technology, with specialized connections to spread data-processing chores across them. By contrast, the newest and most powerful desktop PCs process only about3 billion computations a second. Let's say you're an executive at a large corporation. Your particular responsibilities include making sure that all of your employees have the right hardware and software they need to do their jobs. Buying computers for everyone isn't enough -- you also have to purchase software or software licenses to give employees the tools they require. Whenever you have a new hire, you have to buy more software or make sure your current software license allows another user. It's so stressful that you find it difficult to go
A typical cloud computing system
Soon, there may be an alternative for executives like you. Instead of installing a suite of software for each computer, you'd only have to load one application. That application would allow workers to log into a Web-based service which hosts all the programs the user would need for his or her job. Remote machines owned by another company would run every thing from e-mail to word processing to complex data analysis programs. It's called cloud computing,and it could change the entire computer industry
CENTRALIZED DATA:
Reduced Data Leakage: this is the benefit I hear most from Cloud providers - and in my view they are right. How many laptops do we need to lose before we get this? How many backup tapes? The data landmines of today could be greatly reduced by the Cloud as thin client technology becomes prevalent.Small, temporary caches on hand held devices or Net book computers pose less risk than transporting data buckets in the form of laptops.
Ask the CISO of any large company if all laptops have company mandated controls consistently applied; e.g. full disk encryption. You will see the answer by looking at the whites of their eyes. Despite best efforts around asset management and endpoint security we continue to see embarrassing and disturbing misses.
Monitoring benefits: central storage is easier to control and monitor. The flip side is the nightmare scenario of comprehensive data theft. However, I would rather spend my time as a security professional figuring out smart ways to protect and monitor access to data stored in one place than trying to figure out all the places where the company data resides across a myriad of thick clients! You can get the benefits of Thin Clients today but Cloud Storage provides a way to centralize the data faster and potentially cheaper. The logistical challenge today is getting Terabytes of data to the Cloud in the first place.
2.INCIDENT RESPONSE FORENSICS:
Forensic readiness: with Infrastructure as a Service (IASS) providers, I can build a dedicated forensic server in the same Cloud as my company and place it offline, ready for use when needed. I would only need pay for storage until an incident happens and I need to bring it online. I don t need to call someone to bring it online or install some kind of remote boot software - I just click a button in the Cloud Providers web interface. If I have multiple incident res ponders, I can give them a copy of the VM so we can distribute the forensic workload based on the job at hand or as new sources of evidence arise and need analysis. To fully realise this benefit, commercial forensic software vendors would need to move away from archaic, physical dongle based licensing schemes to a network licensing model.
Decrease evidence acquisition time: if a server in the Cloud gets compromised (i.e.broken into), I can now clone that server at the click of a mouse and make the cloned disks instantly available to my Cloud Forensics server. I didn’t need to find storage or have it ready, waiting and unused - its just there.
Eliminate or reduce service downtime: Note that in the above scenario I didn’t have to go tell the COO that the system needs to be taken offline for hours whilst I dig around in the Array hoping that my physical acqusition toolkit is compatible.
Abstracting the hardware removes a barrier to even doing forensics in some situations.
Decrease evidence transfer time: In the same Cloud, bit fot bit copies are super fast - made faster by that replicated, distributed file system my Cloud provider engineered for me. From a network traffic perspective, it may even be free to make the copy in the same Cloud. Without the Cloud,
I would have to a lot of time consuming and expensive provisioning of physical devices. Ionly pay for the storage as long as I need the evidence.
Eliminate forensic image verification time: Some Cloud Storage implementations expose a cry photographic check sum or hash. For example,Amazon S3 generates an MD5 hash auto magically when you store an object.In theory you no longer need to generate time-consuming MD5 check sumsusing external tools - its already there.
Decrease time to access protected documents: Immense CPU power opens some doors. Did the suspect password protect a document that is relevant to the investigation? You can now test a wider range of candidate passwords in less time to speed investigations.
3. PASSWORD ASSURANCE TESTING(AKA CRACKING):
Decrease password cracking time: if your organization regularly tests password strength by running password crackers you can use Cloud Compute to decrease crack time and you only pay for what you use. Ironically, your cracking costs go up as people choose better passwords .
Keep cracking activities to dedicated machines
: if today you use a distributed password cracker to spread the load across non-production machines, you can now put those agents in dedicated Compute instances - and thus stop mixing sensitive credentials with other workloads.
4. LOGGING:
Unlimited,pay per drink storage: logging is often an afterthought,consequently insufficient disk space is allocated and logging is either non exist an minimal. Cloud Storage changes all this - no more guessing how much storage you need for standard logs.
Improve log indexing and search: with your logs in the Cloud you can leverage Cloud Compute to index those logs in real-time and get the benefit of instant search results. What is different here? The Compute instances can be plumbed in and scale as needed based on the logging load - meaning a true real-time view.
Getting compliant with Extended logging: most modern operating systems offer extended logging in the form of a C2 audit trail. This is rarely enabled for fear of performance degradation and log size. Now you can 碌opt-in露 easily - if you are willing to pay for the enhanced logging, you can do so. Granular logging makes compliance and investigations easier.
5. IMPROVE THE STATE OF SECURITY SOFTWARE
Drive vendors to create more efficient security software
: Billable CPU cycles get noticed. More attention will be paid to inefficient processes; e.g. poorly tuned security agents. Process accounting will make a comeback as customers target expensive processes. Security vendors that understand howto squeeze the most performance from their software will win.
6. SECURE BUILDSre- hardened, change control builds
: this is primarily a benefit of virtualization based Cloud Computing. Now you get a chance to start secure you create your Gold Image VM and clone away.There are ways to do this today with bare-metal OS installs but frequently these require additional 3rd party tools, are time consuming to clone or add yet another agent to each endpoint.
Reduce exposure through patching offline: Gold images can be kept up securely kept up to date. Offline vms can be conveniently patched off the network.
Easier to test impact of security changes: this is a big one. Spin up a copy of our production environment, implement a security change and test the impactat low cost, with minimal start up time. This is a big deal and removes a major barrier to doing security in production environments.
7. SECURITY TESTING:
Reduce cost of testing security:
a SaaS provider only passes on a portion of their security testing costs. By sharing the same application as a service, you don’t foot the expensive security code review and/or penetration test.
Even with Platform as a Service where your developers get to write code,there are potential cost economies of scale (particularly around use of code
CONCLUSION
In my view, there are some strong technical security arguments in favour of Cloud Computing - assuming we can find ways to manage the risks. With this new paradigm come challenges
And opportunities. The challenges are getting plenty of attention -
I’m regularly afforded the opportunity to comment on them, plus obviously I cover them on this blog. However, lets not lose sight of the potential upside.Some benefits depend on the Cloud service used and therefore do not apply across the board. For example; I see no solid forensic benefits with SaaS.
Also, for space reasons, I’m purposely not including the µflip side to these benefits, however if youread this blog regularly you should recognise some.We believe the Cloud offers Small and Medium Businesses major potential security benefits. Frequently smbs struggle with limited or non-existentin house INFOS
EC resources and budgets. The caveat is that the Cloud market is still very new - security offerings are somewhat foggy - making selection tricky. Clearly,not all Cloud providers will offer the same security.