SlideShare une entreprise Scribd logo

Cloud computing risk assesment presentation

A
Ahmad El Tawil

survey, how to assess, challenges

Formation
1  sur  22
Cloud Computing Risk Assessment Done by Ahmad Taweel 1
Outline • Introduction • Survey Risk Assessment for Cloud Computing • Assessing the Security Risks of Cloud Computing • Security and Privacy Challenges in Cloud Computing • Conclusion 2
Introduction • Massive developments and implementations of cloud computing services • Real advantages in term of cost and computational power • Security risks that need to be assessed and mitigated • Assessment of security risks is essential 3
Cloud Computing 4
What is Risk management ? • Set of activities and methods to control risks • Architecture to manage risks 5
What is Risk assessment ? • Process • Identifying the security risks • Occurrence for these risks • Impact • Safeguards against these risks • Controls for reducing or eliminating those risks 6
Risk assessment steps • Threat Identification • Vulnerability Identification(list) • Risk Determination(level) • Control Recommendation 7
Risk assessment for cloud computing • European Network and Information Security Agency (ENISA) • Pointed • Advantages and security risks • Provided • recommendations • Approaches to asses risks 8
Risk assessment for cloud computing • Risk analysis approach • Service • Methodology 9
Assessing the Security Risks of Cloud Computing • First What to Evaluate • Then How to Assess 10
What to Evaluate • Data Location • Recovery • Viability • Support in Reducing Risk 11
Data Location • Every customer need to know where his data are hosted, in which country the data is stored 12
Recovery • How cloud offerings will recover from total disaster? • Know what will happen if one of the offered sites went down? • Can it completely restore everything? • How much time does it need to complete restoration? 13
Viability • What would happen to your service if the provider goes broke? • How would I get my data back? • Can I use the data in a replacement application? 14
Support in Reducing Risk • How to use the product safely? • To whom the instructions for setting and monitoring policies provided to ? • How to avoid phishing or malware attacks? 15
How to Assess • Qualification of the provider’s policymakers, coders and operators • What risk control processes and technical mechanisms are used? • Functionality of there services • Identification of unanticipated vulnerabilities 16
Security and Privacy Challenges 1. Authentication and Identity Management 2. Access Control and Accounting 3. Secure-Service Management 4. Privacy and Data Protection 17
Authentication and Identity Management • Users can easily access their personal information and make it available to various services across the Internet • Issue is drawbacks that could result from using different identity tokens 18
Access Control and Accounting • Access control is demanded • Access control should be flexible • The access control models should also be able to capture relevant aspects of SLAs • Accounting create privacy issues 19
Secure-Service Management • Many cloud service providers use the Web Services Description Language (WSDL) • Issues such as quality of service, price and SLAs are critical in services 20
Privacy and Data Protection • Privacy is a core issue • Protect Identity information • Transaction histories • Data stored out side the premises • who created a piece of data, who modified it and how, and so on 21
Conclusion • Risk assessment is for helping cloud consumers • Specific risk assessment approach • Cloud computing risk assessment isn’t easy • Cloud computing need higher level of assurance • Organizations need to • Evaluate cloud-computing risks • Identify appropriate controls 22

Recommandé

Cloud computing Risk management
Cloud computing Risk management Cloud computing Risk management
Cloud computing Risk management Padma Jella
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityAWS User Group Bengaluru
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security pptVenkatesh Chary
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Cloud Security: A New Perspective
Cloud Security: A New PerspectiveCloud Security: A New Perspective
Cloud Security: A New PerspectiveWen-Pai Lu
 
AWS Cloud Assessment
AWS Cloud AssessmentAWS Cloud Assessment
AWS Cloud AssessmentMichael Cronan
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security GovernanceShankar Subramaniyan
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsViresh Suri
 

Recommandé

Cloud computing Risk management
Cloud computing Risk management Cloud computing Risk management
Cloud computing Risk management Padma Jella
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityAWS User Group Bengaluru
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security pptVenkatesh Chary
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Cloud Security: A New Perspective
Cloud Security: A New PerspectiveCloud Security: A New Perspective
Cloud Security: A New PerspectiveWen-Pai Lu
 
AWS Cloud Assessment
AWS Cloud AssessmentAWS Cloud Assessment
AWS Cloud AssessmentMichael Cronan
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security GovernanceShankar Subramaniyan
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsViresh Suri
 
Cloud security
Cloud securityCloud security
Cloud securityNiharika Varshney
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data securityMohammed Fazuluddin
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issuesAleem Mohammed
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security ChallengesYateesh Yadav
 
Cloud security
Cloud security Cloud security
Cloud security n|u - The Open Security Community
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingInternational School Of Management Excellence
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture Maganathin Veeraragaloo
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptxMoshe Ferber
 
Cloud security
Cloud securityCloud security
Cloud securityBikashPokharel3
 
Cloud computing
Cloud computingCloud computing
Cloud computingMOHIT PANDEY
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architectureVladimir Jirasek
 
Cloud Security And Privacy
Cloud Security And PrivacyCloud Security And Privacy
Cloud Security And Privacytmather
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsKannan Subbiah
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security PresentationAjay p
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYMaganathin Veeraragaloo
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingAvinash Saklani
 
Platform as a Service (PaaS)
Platform as a Service (PaaS)Platform as a Service (PaaS)
Platform as a Service (PaaS)Halil Burak Cetinkaya
 
Evolution of the cloud
Evolution of the cloudEvolution of the cloud
Evolution of the cloudsagaroceanic11
 
Cloud computing
Cloud computingCloud computing
Cloud computingkanchu17
 
Decrease Cyber Risk at your Community Bank
Decrease Cyber Risk at your Community BankDecrease Cyber Risk at your Community Bank
Decrease Cyber Risk at your Community BankGreat Bay Software
 
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24
 

Contenu connexe

Tendances

Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data securityMohammed Fazuluddin
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issuesAleem Mohammed
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security ChallengesYateesh Yadav
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptxMoshe Ferber
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architectureVladimir Jirasek
 
Cloud Security And Privacy
Cloud Security And PrivacyCloud Security And Privacy
Cloud Security And Privacytmather
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsKannan Subbiah
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security PresentationAjay p
 
Evolution of the cloud
Evolution of the cloudEvolution of the cloud
Evolution of the cloudsagaroceanic11
 
Cloud computing
Cloud computingCloud computing
Cloud computingkanchu17
 

Tendances (20)

Cloud security
Cloud securityCloud security
Cloud security
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security Challenges
 
Cloud security
Cloud security Cloud security
Cloud security
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
 
Cloud security
Cloud securityCloud security
Cloud security
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
 
Cloud Security And Privacy
Cloud Security And PrivacyCloud Security And Privacy
Cloud Security And Privacy
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security Concerns
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security Presentation
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITY
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Platform as a Service (PaaS)
Platform as a Service (PaaS)Platform as a Service (PaaS)
Platform as a Service (PaaS)
 
Evolution of the cloud
Evolution of the cloudEvolution of the cloud
Evolution of the cloud
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 

Similaire à Cloud computing risk assesment presentation

Decrease Cyber Risk at your Community Bank
Decrease Cyber Risk at your Community BankDecrease Cyber Risk at your Community Bank
Decrease Cyber Risk at your Community BankGreat Bay Software
 
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24
 
CNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsCNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsSam Bowne
 
CNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsCNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsSam Bowne
 
Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information SecurityAhmed Sayed-
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014KBIZEAU
 
CNIT 160: Ch 2b: Security Strategy Development
CNIT 160: Ch 2b: Security Strategy DevelopmentCNIT 160: Ch 2b: Security Strategy Development
CNIT 160: Ch 2b: Security Strategy DevelopmentSam Bowne
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdfdhanywahyudi17
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewShankar Subramaniyan
 
dtechnClouologyassociatepart2
dtechnClouologyassociatepart2dtechnClouologyassociatepart2
dtechnClouologyassociatepart2Anne Starr
 
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...ATMOSPHERE .
 
Building a strong security strategy
Building a strong security strategyBuilding a strong security strategy
Building a strong security strategySingtel
 
EUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIPEUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIPScott Baron
 
Assessing System Risk the Smart Way
Assessing System Risk the Smart WayAssessing System Risk the Smart Way
Assessing System Risk the Smart WaySecurity Innovation
 
What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?IT Governance Ltd
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectATMOSPHERE .
 
What are the important objectives of Cybersecurity.pdf
What are the important objectives of Cybersecurity.pdfWhat are the important objectives of Cybersecurity.pdf
What are the important objectives of Cybersecurity.pdfBytecode Security
 
Checklist for Competent Cloud Security Management
Checklist for Competent Cloud Security ManagementChecklist for Competent Cloud Security Management
Checklist for Competent Cloud Security ManagementCloud Credential Council
 

Similaire à Cloud computing risk assesment presentation (20)

Decrease Cyber Risk at your Community Bank
Decrease Cyber Risk at your Community BankDecrease Cyber Risk at your Community Bank
Decrease Cyber Risk at your Community Bank
 
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
 
CNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsCNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security Programs
 
CNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsCNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security Programs
 
Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information Security
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014
 
CNIT 160: Ch 2b: Security Strategy Development
CNIT 160: Ch 2b: Security Strategy DevelopmentCNIT 160: Ch 2b: Security Strategy Development
CNIT 160: Ch 2b: Security Strategy Development
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdf
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process Overview
 
dtechnClouologyassociatepart2
dtechnClouologyassociatepart2dtechnClouologyassociatepart2
dtechnClouologyassociatepart2
 
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
 
Building a strong security strategy
Building a strong security strategyBuilding a strong security strategy
Building a strong security strategy
 
EUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIPEUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIP
 
Assessing System Risk the Smart Way
Assessing System Risk the Smart WayAssessing System Risk the Smart Way
Assessing System Risk the Smart Way
 
What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?
 
Steps in it audit
Steps in it auditSteps in it audit
Steps in it audit
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
 
Web Application Security: Beyond PEN Testing
Web Application Security: Beyond PEN TestingWeb Application Security: Beyond PEN Testing
Web Application Security: Beyond PEN Testing
 
What are the important objectives of Cybersecurity.pdf
What are the important objectives of Cybersecurity.pdfWhat are the important objectives of Cybersecurity.pdf
What are the important objectives of Cybersecurity.pdf
 
Checklist for Competent Cloud Security Management
Checklist for Competent Cloud Security ManagementChecklist for Competent Cloud Security Management
Checklist for Competent Cloud Security Management
 

Plus de Ahmad El Tawil

Force sensors presentation
Force sensors presentationForce sensors presentation
Force sensors presentationAhmad El Tawil
 
Enabling Reusable and Adaptive Modeling,Provisioning & Execution of BPEL Proc...
Enabling Reusable and Adaptive Modeling,Provisioning & Execution of BPEL Proc...Enabling Reusable and Adaptive Modeling,Provisioning & Execution of BPEL Proc...
Enabling Reusable and Adaptive Modeling,Provisioning & Execution of BPEL Proc...Ahmad El Tawil
 
Map reduce presentation
Map reduce presentationMap reduce presentation
Map reduce presentationAhmad El Tawil
 
Map reduce advantages over parallel databases report
Map reduce advantages over parallel databases reportMap reduce advantages over parallel databases report
Map reduce advantages over parallel databases reportAhmad El Tawil
 
Map reduce advantages over parallel databases
Map reduce advantages over parallel databases Map reduce advantages over parallel databases
Map reduce advantages over parallel databases Ahmad El Tawil
 
Cloud computing risk assesment report
Cloud computing risk assesment reportCloud computing risk assesment report
Cloud computing risk assesment reportAhmad El Tawil
 
Cloud computing risk assesment
Cloud computing risk assesment Cloud computing risk assesment
Cloud computing risk assesment Ahmad El Tawil
 
Piper Alpha Disaster Report
Piper Alpha Disaster ReportPiper Alpha Disaster Report
Piper Alpha Disaster ReportAhmad El Tawil
 
Fruit detection using morphological
Fruit detection using morphological Fruit detection using morphological
Fruit detection using morphological Ahmad El Tawil
 
Bhopal Disaster Presentation
Bhopal Disaster PresentationBhopal Disaster Presentation
Bhopal Disaster PresentationAhmad El Tawil
 
Security algorithms for manet
Security algorithms for manetSecurity algorithms for manet
Security algorithms for manetAhmad El Tawil
 
5G green communication
5G green communication5G green communication
5G green communicationAhmad El Tawil
 
A survey of ethical hacking process and security
A survey of ethical hacking process and securityA survey of ethical hacking process and security
A survey of ethical hacking process and securityAhmad El Tawil
 
Cybercriminals focus on Cryptocurrency
Cybercriminals focus on CryptocurrencyCybercriminals focus on Cryptocurrency
Cybercriminals focus on CryptocurrencyAhmad El Tawil
 

Plus de Ahmad El Tawil (18)

Force sensors presentation
Force sensors presentationForce sensors presentation
Force sensors presentation
 
Enabling Reusable and Adaptive Modeling,Provisioning & Execution of BPEL Proc...
Enabling Reusable and Adaptive Modeling,Provisioning & Execution of BPEL Proc...Enabling Reusable and Adaptive Modeling,Provisioning & Execution of BPEL Proc...
Enabling Reusable and Adaptive Modeling,Provisioning & Execution of BPEL Proc...
 
Map reduce presentation
Map reduce presentationMap reduce presentation
Map reduce presentation
 
Map reduce advantages over parallel databases report
Map reduce advantages over parallel databases reportMap reduce advantages over parallel databases report
Map reduce advantages over parallel databases report
 
Map reduce advantages over parallel databases
Map reduce advantages over parallel databases Map reduce advantages over parallel databases
Map reduce advantages over parallel databases
 
Cloud computing risk assesment report
Cloud computing risk assesment reportCloud computing risk assesment report
Cloud computing risk assesment report
 
Cloud computing risk assesment
Cloud computing risk assesment Cloud computing risk assesment
Cloud computing risk assesment
 
Piper Alpha Disaster Report
Piper Alpha Disaster ReportPiper Alpha Disaster Report
Piper Alpha Disaster Report
 
Fruit detection using morphological
Fruit detection using morphological Fruit detection using morphological
Fruit detection using morphological
 
Piper Alpha Disaster
Piper Alpha DisasterPiper Alpha Disaster
Piper Alpha Disaster
 
Bhopal Disaster Presentation
Bhopal Disaster PresentationBhopal Disaster Presentation
Bhopal Disaster Presentation
 
Security algorithms for manet
Security algorithms for manetSecurity algorithms for manet
Security algorithms for manet
 
Bayesian network
Bayesian networkBayesian network
Bayesian network
 
AAA Implementation
AAA ImplementationAAA Implementation
AAA Implementation
 
5G green communication
5G green communication5G green communication
5G green communication
 
A survey of ethical hacking process and security
A survey of ethical hacking process and securityA survey of ethical hacking process and security
A survey of ethical hacking process and security
 
E-DHCP
E-DHCPE-DHCP
E-DHCP
 
Cybercriminals focus on Cryptocurrency
Cybercriminals focus on CryptocurrencyCybercriminals focus on Cryptocurrency
Cybercriminals focus on Cryptocurrency
 

Dernier

Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 

Dernier (20)

Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 

Cloud computing risk assesment presentation

  • 2. Outline • Introduction • Survey Risk Assessment for Cloud Computing • Assessing the Security Risks of Cloud Computing • Security and Privacy Challenges in Cloud Computing • Conclusion 2
  • 3. Introduction • Massive developments and implementations of cloud computing services • Real advantages in term of cost and computational power • Security risks that need to be assessed and mitigated • Assessment of security risks is essential 3
  • 5. What is Risk management ? • Set of activities and methods to control risks • Architecture to manage risks 5
  • 6. What is Risk assessment ? • Process • Identifying the security risks • Occurrence for these risks • Impact • Safeguards against these risks • Controls for reducing or eliminating those risks 6
  • 7. Risk assessment steps • Threat Identification • Vulnerability Identification(list) • Risk Determination(level) • Control Recommendation 7
  • 8. Risk assessment for cloud computing • European Network and Information Security Agency (ENISA) • Pointed • Advantages and security risks • Provided • recommendations • Approaches to asses risks 8
  • 9. Risk assessment for cloud computing • Risk analysis approach • Service • Methodology 9
  • 10. Assessing the Security Risks of Cloud Computing • First What to Evaluate • Then How to Assess 10
  • 11. What to Evaluate • Data Location • Recovery • Viability • Support in Reducing Risk 11
  • 12. Data Location • Every customer need to know where his data are hosted, in which country the data is stored 12
  • 13. Recovery • How cloud offerings will recover from total disaster? • Know what will happen if one of the offered sites went down? • Can it completely restore everything? • How much time does it need to complete restoration? 13
  • 14. Viability • What would happen to your service if the provider goes broke? • How would I get my data back? • Can I use the data in a replacement application? 14
  • 15. Support in Reducing Risk • How to use the product safely? • To whom the instructions for setting and monitoring policies provided to ? • How to avoid phishing or malware attacks? 15
  • 16. How to Assess • Qualification of the provider’s policymakers, coders and operators • What risk control processes and technical mechanisms are used? • Functionality of there services • Identification of unanticipated vulnerabilities 16
  • 17. Security and Privacy Challenges 1. Authentication and Identity Management 2. Access Control and Accounting 3. Secure-Service Management 4. Privacy and Data Protection 17
  • 18. Authentication and Identity Management • Users can easily access their personal information and make it available to various services across the Internet • Issue is drawbacks that could result from using different identity tokens 18
  • 19. Access Control and Accounting • Access control is demanded • Access control should be flexible • The access control models should also be able to capture relevant aspects of SLAs • Accounting create privacy issues 19
  • 20. Secure-Service Management • Many cloud service providers use the Web Services Description Language (WSDL) • Issues such as quality of service, price and SLAs are critical in services 20
  • 21. Privacy and Data Protection • Privacy is a core issue • Protect Identity information • Transaction histories • Data stored out side the premises • who created a piece of data, who modified it and how, and so on 21
  • 22. Conclusion • Risk assessment is for helping cloud consumers • Specific risk assessment approach • Cloud computing risk assessment isn’t easy • Cloud computing need higher level of assurance • Organizations need to • Evaluate cloud-computing risks • Identify appropriate controls 22