Security, Privacy, and Data Protection for Trusted Cloud Computing. Prof. Kai Hwang, University of Southern California. Keynote Address, International Conference on Parallel and Distributed Computing and Systems (PDCS 2010), Marina Del Rey, CA. Nov. 8, 2010.

  • Cloud Platforms over Datacenters
  • Cloud Infrastructure and Services
  • Reputation-based Trust Management
  • Data Coloring and Software Watermarking
  • Cloud Support of The Internet of Things

Kai Hwang, USC

Handy Tools We Use over the Evolutional Periods In History

Is it safe to play with your computer, when you are naked and vulnerable?

HPC: High-Performance Computing

HTC: High-Throughput Computing

P2P: Peer to Peer

MPP: Massively Parallel Processors

Web 2.0, Clouds, and Internet of Things

Source: K. Hwang, G. Fox, and J. Dongarra, Distributed Systems and Cloud Computing, Morgan Kaufmann, 2011 (in press to appear)

Public, Private and Hybrid Clouds

Source: Distributed Systems and Cloud Computing, [2]

Cloud Providers, Services and Security Measures

Kai Hwang and Deyi Li, “Trusted Cloud Computing with Secure Resources and Data Coloring”, IEEE Internet Computing, Sept. 2010

Cloud Services Stack

  • Application Cloud Services
  • Platform Cloud Services
  • Compute & Storage Cloud Services
  • Co-Location Cloud Services
  • Network Cloud Services

Marc Benioff, Founder of Salesforce.com

1986 graduated from USC

1999 started salesforce.com

2003-05 appointed chairman of US Presidential IT Advisory Committee

2009 announced Force.com platform for cloud business computing

A SaaS and PaaS Cloud Provider

Security and Trust Crisis in Cloud Computing

  • Protecting datacenters must first secure cloud resources and uphold user privacy and data integrity.
  • Trust overlay networks could be applied to build reputation systems for establishing the trust among interactive datacenters.
  • A watermarking technique is suggested to protect shared data objects and massively distributed software modules.
  • These techniques safeguard user authentication and tighten the data access-control in public clouds.
  • The new approach could be more cost-effective than using the traditional encryption and firewalls to secure the clouds.

Trusted Zones for VM Insulation

[Diagram: tenant virtual infrastructures (Tenant #1, Tenant #2), each running APP/OS virtual machines, on top of the cloud provider's physical infrastructure.]

Goals shown in the diagram:

  • Insulate infrastructure from Malware, Trojans and cybercriminals
  • Federate identities with public clouds
  • Control and isolate VM in the virtual infrastructure
  • Insulate information from other tenants
  • Insulate information from cloud providers’ employees
  • Segregate and control user access
  • Enable end to end view of security events and compliance across infrastructures

Controls labelled in the diagram:

  • Anti-malware
  • Identity federation
  • Cybercrime intelligence
  • Strong authentication
  • Virtual network security
  • Data loss prevention
  • Encryption & key mgmt
  • Access Mgmt
  • Tokenization
  • Security Info. & Event Mgmt
  • GRC

Data Security and Copyright Protection in A Trusted Cloud Platform

Source: Reference [3, 4]

March 11, 2009

Cloud Service Models and Their Security Demands

Cloud computing will not be accepted by common users unless the trust and dependability issues are resolved satisfactorily [1].

Trust Management for Protecting Cloud Resources and Safeguard Datacenter Operations [3]

Source: [4]

PowerTrust Built over A Trust Overlay Network

R. Zhou and K. Hwang, “PowerTrust: A scalable and robust reputation system for structured P2P networks”, IEEE-TPDS, May 2007

Distributed Defense against DDoS Attacks over Multiple Network Domains (Chen, Hwang, and Ku, IEEE Trans. on Parallel and Distributed Systems, Dec. 2007)

The Internet of Things

[Figure labels: The Internet, Clouds, Internet of Things (IOT), Smart Earth]

Smart Earth: An IBM Dream

Architecture of The Internet of Things

  • Application Layer: Merchandise Tracking, Environment Protection, Intelligent Search, Telemedicine, Intelligent Traffic, Smart Home
  • Network Layer: Cloud Computing Platform, The Internet, Information Network, Mobile Telecom Network
  • Sensing Layer: Sensor Network, GPS, RFID (RFID Label, Sensor Nodes, Road Mapper)

Smart Power Grid

Service-Oriented Cloud of Clouds (Intercloud or Mashup)

Cloud of clouds -- from Raw Data to Wisdom. SS = Sensor service, fs = filter services

Conclusions:
  • Computing clouds are changing the whole IT, service industry, and global economy. Clearly, cloud computing demands ubiquity, efficiency, security, and trustworthiness.
  • Cloud computing has become a common practice in business, government, education, and entertainment, leveraging 50 million servers globally installed at thousands of datacenters today.
  • Private clouds will become widespread, in addition to the use of a few public clouds that are under heavy competition among Google, MS, Amazon, Intel, EMC, IBM, SGI, VMware, Salesforce.com, etc.
  • Effective trust management, guaranteed security, user privacy, data integrity, mobility support, and copyright protection are crucial to the universal acceptance of cloud as a ubiquitous service.

SGI Cyclone HPC cloud for enabling SaaS and IaaS applications (http://www.sgi.com/cyclone)

Cloud Computing – Service Provider Priorities

Ensure confidentiality, integrity, and availability in a multi-tenant environment.

Effectively meet the advertised SLA, while optimizing cloud resource utilization.

Offer tenants capabilities for self-service, and achieve scaling through automation and simplification.

Cloud Security Responsibilities by Providers and Users

Table 1:

Source: Reference [4]

Concept of Virtual Clusters

(Source: W. Emeneker, et al., “Dynamic Virtual Clustering with Xen and Moab”, ISPA 2006, Springer-Verlag LNCS 4331, 2006, pp. 440-451)
