Presenter: 葉瑞群
Date: 2011/11/10
Source: IEEE Transactions on Knowledge and Data Engineering
1.Introduction
2.Information Security Policies
3.Cloud RAS Issues
4.Solutions Against Cloud Security Problems
5.Conclusion

- What is Cloud Computing?
- Cloud computing is a network-based environment that focuses on sharing computations or resources.
- In the cloud, customers pay only for what they use and do not have to pay for the local resources they would otherwise need, such as storage or infrastructure.


The three types of cloud environments:
1.Public Cloud
2.Private Cloud
3.Hybrid Cloud
The three major types of service in the cloud
environment:
1.SaaS(Software as a Service)
2.PaaS(Platform as a Service)
3.IaaS(Infrastructure as a Service)

- What is RAS (Reliability, Availability, Security)?
- For good and high performance, it covers items such as:
1.Availability management
2.Access control management
3.Vulnerability and problem management
4.Patch and configuration management
5.Countermeasure
6.Cloud system usage and access monitoring

- In cloud computing technology there is a set of important policy issues, which include issues of privacy, security, anonymity, government surveillance, reliability, and liability, among others.
- But the most important among them is security and how the cloud provider assures it.

- Gartner's seven security issues, which cloud clients should pay attention to, are listed below:
1.Privileged user access
2.Regulatory compliance
3.Data location
4.Data segregation
5.Recovery
6.Investigative support
7.Long-term viability

- Using the cloud means that applications and data move under third-party control.
- This shared responsibility model will bring new security management challenges to the organization's IT operations staff.

- First, the data will be stored away from the customer's local machine.
- Second, the data is moving from a single-tenant to a multi-tenant environment.
- These changes can raise an important concern called data leakage.

- When users share the same virtual machine as infrastructure, a hacker who steals that virtual machine or takes control of it will be able to access all users' data within it.
- The hacker can copy the data to his local machine before the cloud provider detects that the virtual machine is out of control; by analyzing the data afterward, the hacker may find valuable data.

- What is DDoS (Distributed Denial of Service)?
- A serious problem arises when a malicious user deliberately carries out a DDoS attack using a botnet.
- Unfortunately, similar to IPS (Intrusion Prevention Systems) solutions, firewalls are vulnerable and ineffective against DDoS attacks.

- There are several traditional solutions for mitigating the security problems that exist in the Internet environment, which serves as the cloud's infrastructure, but the nature of the cloud causes some security problems that exist specifically in the cloud environment.

1.Control access to information.
2.Manage user access rights.
3.Encourage good access practices.
4.Control access to network services.
5.Control access to operating systems.
6.Control access to applications and systems.

1.Partitioning
2.Migration
3.Workload Analysis and Allocation

- As a solution, cloud providers can add more resources to protect themselves from such attacks, but unfortunately there is no defense against a powerful DDoS attack that is intelligently conducted.

END