cloud
play

Cloud Computing SENY KAMARA MICROSOFT RESEARCH Computing as a - PowerPoint PPT Presentation

Dec 16, 2022 •428 likes •955 views

Cloud Security & Cryptography I Cloud Computing SENY KAMARA MICROSOFT RESEARCH Computing as a Service 2 Computing is a vital resource Enterprises, governments, scientists, consumers, Computing is manageable at small

  1. Cloud Security & Cryptography I Cloud Computing SENY KAMARA MICROSOFT RESEARCH

  2. Computing as a Service 2  Computing is a vital resource  Enterprises, governments, scientists, consumers, …  Computing is manageable at small scales…  e.g., PCs, laptops, smart phones  …but becomes hard to manage at large scales  build and manage infrastructure, schedule backups, hardware maintenance, software maintenance, security, trained workforce, …  Why not outsource it?

  3. Computing Architecture 3 Email, WWW, Social Net.,… Applications Platform Windows, Linux, MacOSX ,… memory, disk, network, Infrastructure

  4. Cloud Services 4 Software as a service  Gmail, Hotmail, Flickr, Facebook , Office365, Google Docs, …  Service: customer makes use of provider applications  Customer: consumers & enterprise  Platform as a service  MS SQL Azure, Amazon SimpleDB, Google AppEngine  Service: customer makes use of provider’s software stack   Customer: developers Infrastructure as a service  Amazon EC2, Microsoft Azure, Google Compute Engine  Service: customer makes use of provider’s (virtualized) infrastructure   Customer: enterprise, developers

  5. Cloud Deployment 5 Models Private Public

  6. 6 Why the Hype?

  7. Why Providers Care 7  Spare capacity  most providers have underutilized data centers  might as well monetize it  Potentially huge market  Major infrastructure shift  Comparable to the Internet (?)  MS, Apple, Google, Amazon, Facebook  Can’t risk missing it

  8. Why Clients Care 8  Consumers  Convenience: backups, synchronization, sharing  Startups/SME  Low CAPEX: low risk, less VC  Focus on product/service  Elasticity (can scale fast)  Enterprise  Turn CAPEX into OPEX  Cheaper & more reliable services (email, payroll, …)

  9. Why Researchers Care 9  Papers!  Grants!  Interesting research  Distributed systems: fault-tolerance, cluster & parallel computing  Storage systems: GFS, HDFS,...  Databases : Big Data, analytics, NoSQL, GraphDBs  Operating systems: virtualization  Algorithms: resource allocation, cluster algorithms, parallel algs  Economics: pricing, auctions  Security: forensics, VM isolation,  Networking: data center networks, architectures, protocols  Cryptography: new types of encryption, signatures, protocols, ...

  10. Why Governments Care 10  Cloud will impact cost of hardware and software  will impact the cost structure of many industries  will impact business creation  will impact economic performance of countries  Cloud can provide cost savings for public sector  Hospitals, healthcare, education  Agencies that have periodic peaks (e.g., IRS)  Improved energy efficiency  Europe: 1.75% of carbon emissions due to IT usage

  11. 11 What are the Risks?

  12. Cloud Policy 12  What is the legal definition of a Cloud?  Determines regulatory & policy frameworks  What if  cloud’s computation is wrong?  data stored is tampered with or lost?  customer goes out of business?

  13. Cloud Policy [Jaeger-Lin-Grimes08] 13  Should Telecom laws apply?  Entities in telecom laws ISP, telecomm providers, common carrier   Telco laws assume purpose of technology is to ship bits  Do not offer legal compensation framework  If call or packets are dropped, just resend  Cloud stores, computes and ships  What happens if data is lost?

  14. Cloud Policy 14  If Clouds are Telcos should net neutrality apply?  Net neutrality is good for Clouds  Cloud relies on stable and high quality Internet access  Prevents ISPs from extracting profits from providers  Prevents ISPs from gaining unfair advantage for own clouds  Net neutrality could be disastrous for Clouds  No differential pricing  No QoS

  15. Cloud Policy 15  Is a Cloud responsible for its tenants?  EC2 hosted Wikileaks and spammers  What if DoS attacks are launched from the Cloud?  What if hackers use cloud as stepping stone?

  16. Cloud Insurance 16 Should customers be insured?  100% reliability is impossible  Downtime can be costly (startups can go out of business)  AWS outages  December 12 th , 2010: EC2 down for 30 mins (Europe)  April 21, 2011: storage down for 10-12 hours (N. Virginia)   Foursquare, Reddit, Quora, BigDoor and Hootsuite affected August 6 th , 2011: storage down for 24 hours (Ireland)  August 8 th , 2011: network connectivity down for 25 mins (N. Virginia)   Reddit, Quora, Netflix and FourSquare affected July 7 th , 2012: storage down for few hours (Virginia)   Instagram, Netflix, Pinterest affected What is the right model for Cloud insurance? 

  17. Data-Related Issues 17  Where is the data?  In which legal jurisdiction?  Does that government have access?  Which regulations apply?  Compliance  If I store data of type X, am I compliant with regulation Y?  Licensing  If I store licensed data and/or code, am I violating terms?

  18. Data-Related Issues [Reed10] 18  Who owns the data?  No notion of property rights for information  Property rights only for physical object that stores information  “owner” can control information through mix of IP, privacy rights and contracts  Typical Cloud scenario  Customer entrusts own data + data of clients to cloud  Cloud stores and processes data  Client uses cloud services to create new data  Cloud generates metadata and new data

  19. Data-Related Issues 19  What can the Cloud do with Data?  Can Cloud mine tenant data to improve its cloud services?  Can Cloud mine tenant data to improve its other products  Can MS mine cloud data to improve Bing, Office,... ?

  20. Data-Related Issues 20  Google Drive  Released April 24 th , 2012  Similar to Dropbox, Skydrive, etc...  Media firestorm with respect to license  User retains intellectual property rights  Google retains rights to  reproduce, use, and create derivative works  Extract content to customize advertising and other services  perpetually...even after removal of content!

  21. Data-Related Issues 21  Entropy reduction [Ohm09]  anonymized data sets can be de-anonymized using auxiliary information  Cloud providers hold a large amount of auxiliary information!  Therefore can have large effect on privacy  Should they be regulated?

  22. Government Surveillance 22  Gordon Frazer  managing director of Microsoft UK  Office 365 Launch (July, 2011):  “cloud data is not protected against US Patriot Act...  “…no matter where it is stored, …”  “and we might give data without telling you”  Huge controversy!

  23. Government Surveillance 23  Ivo Opstelten [Dutch minister of safety & justice]  US providers could be excluded from bidding on Dutch contracts  Sophie in ‘t Veld [Dutch member of European Parliament]  asked European Commission to clarify jurisdictional issues urgently!  But banning transfer of European (citizen) data to U.S. could violate WTO agreements…

  24. Government Surveillance 24  France  invested 150/225M euros in SFR & Orange  so CloudWatt & Numergy have local data centers?

  25. The Patriot Act 25  1968: Omnibus Crime Control and Safe Streets Act  Prohibits interstate gun sales, set 21 as minimum age to buy guns, ...  Also set rules for obtaining wiretap orders in the United States  1986: Electronic Communications Privacy Act  amendment to OCCSSA  prevents unauthorized government access to private electronic communications  2001: “Patriot Act”  series of amendments to previous acts including ECPA  increased law enforcement's ability to recover data and communications

  26. The Patriot Act 26  EU allows private data to be exported to  Argentina, Israel, most of Canada, ...  ...but not to US or most of Asia  Safe Harbor  US companies promise to enact certain security & privacy measures  Most US companies agree  SH has exception for national security...  But SH was enacted before 911 and PA  EU would have never agreed to SH if it knew PA was coming

  27. Patriot Act 27  Effects of controversy  EU enterprises and govs nervous about US clouds  Great for EU cloud providers!  US cloud providers asked Obama administration to clarify scope of PA

  28. 28 Cloud Adversarial Models

  29. The Cloud Abstraction 29

  30. The Cloud Abstraction 30

  31. The Cloud Abstraction 31 App1 App2 App App OS OS OS Hypervisor Hardware

  32. The Cloud Abstraction 32

  33. The Cloud Abstraction 33

  34. The Cloud Abstraction 34

  35. The Cloud Abstraction 35

  36. The Cloud Abstraction 36

  37. The Cloud Abstraction 37

  38. Cloud Adversarial 38 Models  Clouds must protect against traditional adversaries  Hackers, malware, botnets, spammers, ...  And against  Physical attackers  Rogue employees : can access part of infrastructure  Steal hard drives, see PII  Tenants : are like traditional adversaries but inside the cloud  DoS, cross-VM attacks  Providers: control entire infrastructure  hardware, OS, HV, network, data center  Governments : can issue subpoenas, get warrants, ...  Get keys, hard drives, servers, monitor communications

  39. 39 Cloud Attacks

Recommend

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come from? Why Cloud? Cloud for small, medium, enterprise, and government Barriers to adoption Embracing Cloud Social Mobile Cloud

972 views • 45 slides
SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud

SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud

SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud Tour of the buzzwords, myths and realities Whats in store for me, the boss, the company, the industry? Your cloud, our cloud their

224 views • 19 slides
CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

Cornell CS5412 Cloud Computing (Spring 2015) 1 CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is cheaper! The cloud business model is growing at an unparalleled pace without any limit in sight

632 views • 45 slides
CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

1 CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is cheaper The cloud business model is growing at an unparalleled pace without any limit in sight In the future everything will be on the cloud

945 views • 65 slides
The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2% of total US energy

The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2% of total US energy

The Data Furnace: Heating Up with Cloud Computing Jie Liu , Michel Goraczko, Jiakang Lu Sean James, Christian Belady Kamin Whitehouse Microsoft University of Virginia The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2%

551 views • 16 slides
Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing Understanding: Distributed Application Design Resource Management Automation Virtualized Computing Environments High-performance Computing

1.02k views • 49 slides
NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises

NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises

NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises Connecting clouds New workloads Components to disrupt SOFTLAYER CAPABILITIES OVERVIEW 5 GLOBAL CLOUD PLATFORM Unified architecture enabled by

390 views • 17 slides
github.com/18F/cg-workshop I Want You to use cloud.gov : Focus on mission " :

github.com/18F/cg-workshop I Want You to use cloud.gov : Focus on mission " :

09:00 Welcome Shashank Khandelwal 09:10 cloud.gov Overview 09:40 cloud.gov Hands-on I 10:20 Break 10:30 Federalist Will Slack 10:40 cloud.gov Hands-on II 11:30 Q & A github.com/18F/cg-workshop I Want You to use cloud.gov

461 views • 34 slides
Cloud Ross Mallace Commercial Director Cloud/SaaS Cloud is here. ALL By 2020 most core

Cloud Ross Mallace Commercial Director Cloud/SaaS Cloud is here. ALL By 2020 most core

Banking in the Cloud Ross Mallace Commercial Director Cloud/SaaS Cloud is here. ALL By 2020 most core most banking initiatives will be in the cloud John Schlesinger Changing Cloud Adoption in Financial Services Over 100

561 views • 20 slides
A vision for Carrier Cloud Networking... Itzik Weinstein, CEO 1 Cloud Services The Cloud is

A vision for Carrier Cloud Networking... Itzik Weinstein, CEO 1 Cloud Services The Cloud is

A vision for Carrier Cloud Networking... Itzik Weinstein, CEO 1 Cloud Services The Cloud is highly scalable, and managed infrastructure capable of hosting end- customer applications and billed by consumption. - Forrester Virtual

399 views • 6 slides
Cloud-iQ New features including xSP reporting Crayon Channel Team Cloud-iQ updates The Cloud-iQ

Cloud-iQ New features including xSP reporting Crayon Channel Team Cloud-iQ updates The Cloud-iQ

Cloud-iQ New features including xSP reporting Crayon Channel Team Cloud-iQ updates The Cloud-iQ Platform is Crayons Cloud Service Scaling Engine. Offering best in class self- provisioning, billing and reporting capabilities to

346 views • 12 slides
Cloud-Integrated IP Design: Bursting EDA Workflows to the Public Cloud Jerome McFarland,

Cloud-Integrated IP Design: Bursting EDA Workflows to the Public Cloud Jerome McFarland,

Cloud-Integrated IP Design: Bursting EDA Workflows to the Public Cloud Jerome McFarland, Marketing Director, Elastifile Agenda Why Cloud? How Cloud? Real-World Example Why Cloud? IC Design Complexity is Steadily Increasing Process

604 views • 31 slides
Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON

Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON

Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON 2010 Building a Private Cloud with Ubuntu Server 10.04 Enterprise Cloud (Eucalyptus) OSCON 2010 (Note: Special thanks to Jim Beasley, my lead Cloud

604 views • 37 slides
SUSE OpenStack Cloud 126 126 What is SUSE OpenStack Cloud You know of Cloud Compute right?

SUSE OpenStack Cloud 126 126 What is SUSE OpenStack Cloud You know of Cloud Compute right?

SUSE OpenStack Cloud 126 126 What is SUSE OpenStack Cloud You know of Cloud Compute right? Maybe you use AWS or Azure? Allowing pay-as-you-go model for IT infrastructure and toward dynamic software-defined service delivery.

168 views • 16 slides
Towards ds a self elf auto tomated CE CERN Clo Cloud Jos Castro Len CERN Cloud

Towards ds a self elf auto tomated CE CERN Clo Cloud Jos Castro Len CERN Cloud

Towards ds a self elf auto tomated CE CERN Clo Cloud Jos Castro Len CERN Cloud Infrastructure CERN Cloud Team Who am I? Outlines Introduction CERN Cloud service Automation status Upcoming challenges Improvement

799 views • 34 slides
Going Cloud Native with Cloud Foundry @chipchilders Chip Childers, VP Technology Cloud Foundry

Going Cloud Native with Cloud Foundry @chipchilders Chip Childers, VP Technology Cloud Foundry

Going Cloud Native with Cloud Foundry @chipchilders Chip Childers, VP Technology Cloud Foundry Foundation Why does Cloud Native matter? Since 2000, 52% of the Fortune 500 are no longer on the list Continuous Innovation There is a rough

794 views • 50 slides
Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined)

Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined)

Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined) Administrative discussions Stephen McCamant University of Minnesota Multi-Cloud Oblivious Storage Old and new topics in security Cloud threats, old and new

645 views • 8 slides
Cloud Native Go Building Scalable, Resilient Microservices for the Cloud in Go 1 / 29

Cloud Native Go Building Scalable, Resilient Microservices for the Cloud in Go 1 / 29

Cloud Native Go 6/28/17, 11)02 AM Cloud Native Go Building Scalable, Resilient Microservices for the Cloud in Go 1 / 29 file:///Users/kimberlyamaral/Desktop/cng-presentation/pres.html#1 Page 1 of 38 Cloud Native Go 6/28/17, 11)02 AM Agenda

566 views • 38 slides
Problem solved: Cloud Cost Management 2 Cloud Cost Management Using cloud services from

Problem solved: Cloud Cost Management 2 Cloud Cost Management Using cloud services from

Problem solved: Cloud Cost Management 2 Cloud Cost Management Using cloud services from IaaS to Accelerate digital SaaS creates huge new opportunities transformation to transform the speed, effjciency and operating costs of a

298 views • 10 slides
Cloud Computing and Cloud Storage By: Maurice Kelly History of Internet and Cloud Computing

Cloud Computing and Cloud Storage By: Maurice Kelly History of Internet and Cloud Computing

Cloud Computing and Cloud Storage By: Maurice Kelly History of Internet and Cloud Computing Internet began in the 1950s Internet has been quite revolutoinary due to its lightning fast communication privelages and data sharing. Cloud

378 views • 6 slides
Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security risks. Attacks in a cloud environment, top threats. Security, a major concern for cloud users. Privacy. Trust. Operating systems

661 views • 38 slides
What is the Cloud? Simply put, Cloud Computing is the delivery of computing services,

What is the Cloud? Simply put, Cloud Computing is the delivery of computing services,

What is the Cloud? Simply put, Cloud Computing is the delivery of computing services, including Servers, Storage, Databases, Networking, Software, Analytics and Intelligence over the Internet (The Cloud) to offer faster innovation,

338 views • 13 slides
Nico Uys Cloud Business Line Manager 1 Recent SAP on cloud projects Lessons learned

Nico Uys Cloud Business Line Manager 1 Recent SAP on cloud projects Lessons learned

SAP in the cloud, do it right. Nico Uys Cloud Business Line Manager 1 Recent SAP on cloud projects Lessons learned Agenda Automation of the cloud Zag and our services Summary Q & A 2 Interesting Cloud Facts 1.

271 views • 23 slides
Whats The Next Big Thing in Telecom & IT? Cloud DaaS Desktop as a Service

Whats The Next Big Thing in Telecom & IT? Cloud DaaS Desktop as a Service

Whats The Next Big Thing in Telecom & IT? Cloud DaaS Desktop as a Service Supercharge Your Desktop! Cloud IaaS Infrastructure as a Service Cloud Computing Work Smarter in the Cloud Cloud Single Sign-On Securely Access Many

627 views • 19 slides

More recommend