security privacy and data protection for trusted cloud computing l.
Skip this Video
Loading SlideShow in 5 Seconds..
Security, Privacy, and Data Protection for Trusted Cloud Computing PowerPoint Presentation
Download Presentation
Security, Privacy, and Data Protection for Trusted Cloud Computing

Loading in 2 Seconds...

play fullscreen
1 / 36

Security, Privacy, and Data Protection for Trusted Cloud Computing - PowerPoint PPT Presentation

  • Uploaded on

Security, Privacy, and Data Protection for Trusted Cloud Computing. Prof. Kai Hwang, University of Southern California Keynote Address, International Conference on Parallel and Distributed Computing and Systems (PDCS 2010), Marina Del Rey, CA. Nov. 8, 2010 .

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Security, Privacy, and Data Protection for Trusted Cloud Computing' - Anita

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
security privacy and data protection for trusted cloud computing

Security, Privacy, and Data Protection for Trusted Cloud Computing

Prof. Kai Hwang, University of Southern California

Keynote Address, International Conference on Parallel and Distributed Computing and Systems(PDCS 2010), Marina Del Rey, CA. Nov. 8, 2010

  • Cloud Platformsover Datacenters
  • Cloud Infrastructure and Services
  • Reputation-based Trust Management
  • Data Coloring and Software Watermarking
  • Cloud Support of The Internet of Things

Kai Hwang, USC

handy tools we use over the evolutional periods in history

Handy Tools We Use over the Evolutional Periods In History

Is it safe to play with your computer, when you are naked and vulnerable ?

Kai Hwang, USC

web 2 0 clouds and internet of things

HPC: High-Performance Computing

HTC: High-Throughput Computing

P2P: Peer to Peer

MPP: Massively Parallel Processors

Web 2.0, Clouds, and Internet of Things

Source: K. Hwang, G. Fox, and J. Dongarra,Distributed Systems and Cloud Computing,Morgan Kaufmann, 2011 (in press to appear)

Kai Hwang, USC

public private and hybrid clouds

Public, Private and Hybrid Clouds

Source: Distributed Systems and Cloud Computing, [2]

Kai Hwang, USC


Cloud Providers, Services and Security Measures

Kai Hwang and Deyi Li,“Trusted Cloud Computing with Secure Resources and Data Coloring”,IEEE Internet Computing,Sept. 2010

Kai Hwang, USC

cloud services stack
Cloud Services Stack


Cloud Services


Cloud Services

Compute & Storage

Cloud Services


Cloud Services


Cloud Services

Kai Hwang, USC

marc benioff founder of salesforce com

Marc Benioff, Founder of

1986 graduated from USC

1999 started salesforce.com2003-05 appointed chairman of US Presidential IT Advisory Committee

2009 announced platform for cloud business computing

A SaaS and PaaS Cloud Provider

Kai Hwang, USC


Security and Trust Crisisin Cloud Computing

  • Protecting datacenters must first secure cloud resources and uphold user privacy and data integrity.
  • Trust overlay networks could be applied to build reputation systems for establishing the trust among interactive datacenters.
  • A watermarking technique is suggested to protect shared data objects and massively distributed software modules.
  • These techniques safeguard user authentication and tighten the data access-control in public clouds.
  • The new approach could be more cost-effective than using the traditional encryption and firewalls to secure the clouds.


Kai Hwang, USC

trusted zones for vm insulation
Trusted Zones for VM Insulation









Cloud Provider

Physical Infrastructure

Insulate infrastructure from Malware, Trojans and cybercriminals


Federate identities with public clouds

Identity federation

Cybercrime intelligence

Strong authentication

Tenant #2

Virtual Infrastructure

Control and isolate VM in the virtual infrastructure

Insulate information

from other tenants

Virtual network security

Data loss prevention

Tenant #1

Virtual Infrastructure

Insulate information from cloud providers’ employees

Segregate and control user access

Encryption & key mgmt

Access Mgmt


Physical Infrastructure

Security Info. & Event Mgmt

Enable end to end view of security events and compliance across infrastructures


Kai Hwang, USC


Data Security and Copyright Protection in A Trusted Cloud Platform

Source: Reference [3, 4]

Kai Hwang, USC

March 11, 2009

Prof. Kai Hwang, USC


Cloud Service Models and Their Security Demands

Cloud computing will not be accepted by common users unless the trust and dependability issues are resolved satisfactorily [1].

Kai Hwang, USC

trust management for protecting cloud resources and safeguard datacenter operations 3
Trust Management for Protecting Cloud Resources and Safeguard Datacenter Operations [3]

Kai Hwang, USC

Source: [4]

powertrust built over a trust overlay network
PowerTrustBuilt over A Trust Overlay Network

R. Zhou and K. Hwang, “PowerTrust : A scalable and robust reputation system for structured P2P networks”, IEEE-TPDS, May 2007

Kai Hwang, USC


Distributed Defense against DDoS Attacks over Multiple Network Domains(Chen, Hwang, and Ku, IEEE Trans. on Parallel and Distributed Systems, Dec. 2007 )

Kai Hwang, USC

the internet of things

The Internet



Internet of Things (IOT)

Smart Earth

The Internet of Things

Smart Earth:

An IBM Dream

Kai Hwang, USC

architecture of the internet of things

Merchandise Tracking

Environment Protection

Intelligent Search



Intelligent Traffic

Smart Home

Application Layer

Cloud Computing Platform

The Internet


Network Layer

Mobile Telecom Network

Sensor Network



Sensing Layer

RFID Label

Sensor Nodes

Road Mapper

Architecture of The Internet of Things

Kai Hwang, USC


Smart Power Grid

Kai Hwang, USC

service oriented cloud of clouds intercloud or mashup

Service-Oriented Cloud of Clouds (Intercloud or Mashup)

Cloud of clouds -- from Raw Data to Wisdom. SS = Sensor service, fs= filter services

Kai Hwang, USC

  • Computing clouds are changing the whole IT , service industry, and global economy. Clearly, cloud computing demands ubiquity, efficiency, security, and trustworthiness.
  • Cloud computing has become a common practice in business, government, education, and entertainment leveraging 50 millions of servers globallyinstalled at thousands of datacenters today.
  • Private clouds will become widespread in addition to using a few public clouds, that are under heavy competition among Google, MS, Amazon, Intel, EMC, IBM, SGI, VMWare,, etc.
  • Effective trust management, guaranteed security, user privacy, data integrity, mobility support, and copyright protection are crucial to the universal acceptance of cloud as a ubiquitous service.

Kai Hwang, USC

sgi cyclone hpc cloud for enabling saas and iaas applications http www sgi com cyclone

SGI Cyclone HPC cloud for enabling SaaS and IaaS applications (

Kai Hwang, USC

cloud computing service provider priorities
Cloud Computing – Service Provider Priorities

Ensure confidentiality, integrity, and availability in a multi-tenant environment.

Effectively meet the advertised SLA, while optimizing cloud resource utilization.

Offer tenants capabilities for self-service, and achieve scaling through automation and simplification.

Kai Hwang, USC

cloud security responsibilities by providers and users
Cloud Security Responsibilities by Providers and Users

Table 1:

Source: Reference [4]

Kai Hwang, USC


Concept of Virtual Clusters

(Source: W. Emeneker, et et al, “Dynamic Virtual Clustering with Xen and Moab, ISPA 2006, Springer-Verlag LNCS 4331, 2006, pp. 440-451)

Kai Hwang, USC