返回
Cloud Security

Cloud Security

ID:40893498

大小:604.30 KB

页数:24页

时间:2019-08-10

Cloud Security_第1页
Cloud Security_第2页
Cloud Security_第3页
Cloud Security_第4页
Cloud Security_第5页
资源描述:

《Cloud Security》由会员上传分享,免费在线阅读,更多相关内容在学术论文-天天文库

1、SecurityandPrivacyinCloudComputingRagibHasanJohnsHopkinsUniversityLecture2en.600.412Spring201002/01/2010Threats,vulnerabilities,andenemiesGoalLearnthecloudcomputingthreatmodelbyexaminingtheassets,vulnerabilities,entrypoints,andactorsinacloudTechniqueApplydifferentthreatmodelingschemes2/1/201

2、0en.600.412Spring2010Lecture2

3、JHU

4、RagibHasan2Assignmentfornextclass•Review:ThomasRistenpartetal.,Hey,You,GetOffofMyCloud!ExploringInformationLeakageinThird-PartyComputeClouds,proc.ACMCCS2009.•Format:–Summary:Abriefoverviewofthepaper,1paragraph(5/6sentences)–Pros:3ormoreissues–Cons:3ormoreiss

5、ues–Possibleimprovements:Anypossiblesuggestionstoimprovethework•Due:2.59pm2/8/2010•Submission:Byemailtorhasan7@jhu.edu(textonly,noattachmentsplease)2/1/2010en.600.412Spring2010Lecture2

6、JHU

7、RagibHasan3ThreatModelAthreatmodelhelpsinanalyzingasecurityproblem,designmitigationstrategies,andevalua

8、tesolutionsSteps:–Identifyattackers,assets,threatsandothercomponents–Rankthethreats–Choosemitigationstrategies–Buildsolutionsbasedonthestrategies2/1/2010en.600.412Spring2010Lecture2

9、JHU

10、RagibHasan4ThreatModelBasiccomponents•Attackermodeling–Choosewhatattackertoconsider–Attackermotivationandc

11、apabilities•Assets/AttackerGoals•Vulnerabilities/threats2/1/2010en.600.412Spring2010Lecture2

12、JHU

13、RagibHasan5Recall:CloudComputingStack2/1/2010en.600.412Spring2010Lecture2

14、JHU

15、RagibHasan6Recall:CloudArchitectureSaaS/PaaSClientProviderCloudProvider(IaaS)2/1/2010en.600.412Spring2010Lecture2

16、JHU

17、

18、RagibHasan7Attackers2/1/2010en.600.412Spring2010Lecture2

19、JHU

20、RagibHasan8Whoistheattacker?Insider?•Maliciousemployeesatclient•MaliciousemployeesatCloudprovider•CloudprovideritselfOutsider?•Intruders•Networkattackers?2/1/2010en.600.412Spring2010Lecture2

21、JHU

22、RagibHasan9AttackerCapability:Malic

23、iousInsiders•Atclient–Learnpasswords/authenticationinformation–GaincontroloftheVMs•Atcloudprovider–Logclientcommunication2/1/2010en.600.412Spring2010Lecture2

24、JHU

25、RagibHasan10AttackerCapability:CloudProvider•What?–Canreadunencrypteddata–Canpossiblyp

当前文档最多预览五页,下载文档查看全文

此文档下载收益归作者所有

当前文档最多预览五页,下载文档查看全文
温馨提示:
1. 部分包含数学公式或PPT动画的文件,查看预览时可能会显示错乱或异常,文件下载后无此问题,请放心下载。
2. 本文档由用户上传,版权归属用户,天天文库负责整理代发布。如果您对本文档版权有争议请及时联系客服。
3. 下载前请仔细阅读文档内容,确认文档内容符合您的需求后进行下载,若出现内容与标题不符可向本站投诉处理。
4. 下载文档时可能由于网络波动等原因无法下载或下载错误,付费完成后未能成功下载的用户请联系客服处理。