cloud
play

Cloud Computing SENY KAMARA MICROSOFT RESEARCH Computing as a - PowerPoint PPT Presentation

Dec 16, 2022 •428 likes •955 views

Cloud Security & Cryptography I Cloud Computing SENY KAMARA MICROSOFT RESEARCH Computing as a Service 2 Computing is a vital resource Enterprises, governments, scientists, consumers, Computing is manageable at small

  1. Cloud Security & Cryptography I Cloud Computing SENY KAMARA MICROSOFT RESEARCH

  2. Computing as a Service 2  Computing is a vital resource  Enterprises, governments, scientists, consumers, …  Computing is manageable at small scales…  e.g., PCs, laptops, smart phones  …but becomes hard to manage at large scales  build and manage infrastructure, schedule backups, hardware maintenance, software maintenance, security, trained workforce, …  Why not outsource it?

  3. Computing Architecture 3 Email, WWW, Social Net.,… Applications Platform Windows, Linux, MacOSX ,… memory, disk, network, Infrastructure

  4. Cloud Services 4 Software as a service  Gmail, Hotmail, Flickr, Facebook , Office365, Google Docs, …  Service: customer makes use of provider applications  Customer: consumers & enterprise  Platform as a service  MS SQL Azure, Amazon SimpleDB, Google AppEngine  Service: customer makes use of provider’s software stack   Customer: developers Infrastructure as a service  Amazon EC2, Microsoft Azure, Google Compute Engine  Service: customer makes use of provider’s (virtualized) infrastructure   Customer: enterprise, developers

  5. Cloud Deployment 5 Models Private Public

  6. 6 Why the Hype?

  7. Why Providers Care 7  Spare capacity  most providers have underutilized data centers  might as well monetize it  Potentially huge market  Major infrastructure shift  Comparable to the Internet (?)  MS, Apple, Google, Amazon, Facebook  Can’t risk missing it

  8. Why Clients Care 8  Consumers  Convenience: backups, synchronization, sharing  Startups/SME  Low CAPEX: low risk, less VC  Focus on product/service  Elasticity (can scale fast)  Enterprise  Turn CAPEX into OPEX  Cheaper & more reliable services (email, payroll, …)

  9. Why Researchers Care 9  Papers!  Grants!  Interesting research  Distributed systems: fault-tolerance, cluster & parallel computing  Storage systems: GFS, HDFS,...  Databases : Big Data, analytics, NoSQL, GraphDBs  Operating systems: virtualization  Algorithms: resource allocation, cluster algorithms, parallel algs  Economics: pricing, auctions  Security: forensics, VM isolation,  Networking: data center networks, architectures, protocols  Cryptography: new types of encryption, signatures, protocols, ...

  10. Why Governments Care 10  Cloud will impact cost of hardware and software  will impact the cost structure of many industries  will impact business creation  will impact economic performance of countries  Cloud can provide cost savings for public sector  Hospitals, healthcare, education  Agencies that have periodic peaks (e.g., IRS)  Improved energy efficiency  Europe: 1.75% of carbon emissions due to IT usage

  11. 11 What are the Risks?

  12. Cloud Policy 12  What is the legal definition of a Cloud?  Determines regulatory & policy frameworks  What if  cloud’s computation is wrong?  data stored is tampered with or lost?  customer goes out of business?

  13. Cloud Policy [Jaeger-Lin-Grimes08] 13  Should Telecom laws apply?  Entities in telecom laws ISP, telecomm providers, common carrier   Telco laws assume purpose of technology is to ship bits  Do not offer legal compensation framework  If call or packets are dropped, just resend  Cloud stores, computes and ships  What happens if data is lost?

  14. Cloud Policy 14  If Clouds are Telcos should net neutrality apply?  Net neutrality is good for Clouds  Cloud relies on stable and high quality Internet access  Prevents ISPs from extracting profits from providers  Prevents ISPs from gaining unfair advantage for own clouds  Net neutrality could be disastrous for Clouds  No differential pricing  No QoS

  15. Cloud Policy 15  Is a Cloud responsible for its tenants?  EC2 hosted Wikileaks and spammers  What if DoS attacks are launched from the Cloud?  What if hackers use cloud as stepping stone?

  16. Cloud Insurance 16 Should customers be insured?  100% reliability is impossible  Downtime can be costly (startups can go out of business)  AWS outages  December 12 th , 2010: EC2 down for 30 mins (Europe)  April 21, 2011: storage down for 10-12 hours (N. Virginia)   Foursquare, Reddit, Quora, BigDoor and Hootsuite affected August 6 th , 2011: storage down for 24 hours (Ireland)  August 8 th , 2011: network connectivity down for 25 mins (N. Virginia)   Reddit, Quora, Netflix and FourSquare affected July 7 th , 2012: storage down for few hours (Virginia)   Instagram, Netflix, Pinterest affected What is the right model for Cloud insurance? 

  17. Data-Related Issues 17  Where is the data?  In which legal jurisdiction?  Does that government have access?  Which regulations apply?  Compliance  If I store data of type X, am I compliant with regulation Y?  Licensing  If I store licensed data and/or code, am I violating terms?

  18. Data-Related Issues [Reed10] 18  Who owns the data?  No notion of property rights for information  Property rights only for physical object that stores information  “owner” can control information through mix of IP, privacy rights and contracts  Typical Cloud scenario  Customer entrusts own data + data of clients to cloud  Cloud stores and processes data  Client uses cloud services to create new data  Cloud generates metadata and new data

  19. Data-Related Issues 19  What can the Cloud do with Data?  Can Cloud mine tenant data to improve its cloud services?  Can Cloud mine tenant data to improve its other products  Can MS mine cloud data to improve Bing, Office,... ?

  20. Data-Related Issues 20  Google Drive  Released April 24 th , 2012  Similar to Dropbox, Skydrive, etc...  Media firestorm with respect to license  User retains intellectual property rights  Google retains rights to  reproduce, use, and create derivative works  Extract content to customize advertising and other services  perpetually...even after removal of content!

  21. Data-Related Issues 21  Entropy reduction [Ohm09]  anonymized data sets can be de-anonymized using auxiliary information  Cloud providers hold a large amount of auxiliary information!  Therefore can have large effect on privacy  Should they be regulated?

  22. Government Surveillance 22  Gordon Frazer  managing director of Microsoft UK  Office 365 Launch (July, 2011):  “cloud data is not protected against US Patriot Act...  “…no matter where it is stored, …”  “and we might give data without telling you”  Huge controversy!

  23. Government Surveillance 23  Ivo Opstelten [Dutch minister of safety & justice]  US providers could be excluded from bidding on Dutch contracts  Sophie in ‘t Veld [Dutch member of European Parliament]  asked European Commission to clarify jurisdictional issues urgently!  But banning transfer of European (citizen) data to U.S. could violate WTO agreements…

  24. Government Surveillance 24  France  invested 150/225M euros in SFR & Orange  so CloudWatt & Numergy have local data centers?

  25. The Patriot Act 25  1968: Omnibus Crime Control and Safe Streets Act  Prohibits interstate gun sales, set 21 as minimum age to buy guns, ...  Also set rules for obtaining wiretap orders in the United States  1986: Electronic Communications Privacy Act  amendment to OCCSSA  prevents unauthorized government access to private electronic communications  2001: “Patriot Act”  series of amendments to previous acts including ECPA  increased law enforcement's ability to recover data and communications

  26. The Patriot Act 26  EU allows private data to be exported to  Argentina, Israel, most of Canada, ...  ...but not to US or most of Asia  Safe Harbor  US companies promise to enact certain security & privacy measures  Most US companies agree  SH has exception for national security...  But SH was enacted before 911 and PA  EU would have never agreed to SH if it knew PA was coming

  27. Patriot Act 27  Effects of controversy  EU enterprises and govs nervous about US clouds  Great for EU cloud providers!  US cloud providers asked Obama administration to clarify scope of PA

  28. 28 Cloud Adversarial Models

  29. The Cloud Abstraction 29

  30. The Cloud Abstraction 30

  31. The Cloud Abstraction 31 App1 App2 App App OS OS OS Hypervisor Hardware

  32. The Cloud Abstraction 32

  33. The Cloud Abstraction 33

  34. The Cloud Abstraction 34

  35. The Cloud Abstraction 35

  36. The Cloud Abstraction 36

  37. The Cloud Abstraction 37

  38. Cloud Adversarial 38 Models  Clouds must protect against traditional adversaries  Hackers, malware, botnets, spammers, ...  And against  Physical attackers  Rogue employees : can access part of infrastructure  Steal hard drives, see PII  Tenants : are like traditional adversaries but inside the cloud  DoS, cross-VM attacks  Providers: control entire infrastructure  hardware, OS, HV, network, data center  Governments : can issue subpoenas, get warrants, ...  Get keys, hard drives, servers, monitor communications

  39. 39 Cloud Attacks

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come from? Why Cloud? Cloud for small, medium, enterprise, and government Barriers to adoption Embracing Cloud Social Mobile Cloud

972 views • 45 slides
SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud

SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud

SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud Tour of the buzzwords, myths and realities Whats in store for me, the boss, the company, the industry? Your cloud, our cloud their

224 views • 19 slides
CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

Cornell CS5412 Cloud Computing (Spring 2015) 1 CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is cheaper! The cloud business model is growing at an unparalleled pace without any limit in sight

632 views • 45 slides
CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

1 CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is cheaper The cloud business model is growing at an unparalleled pace without any limit in sight In the future everything will be on the cloud

945 views • 65 slides
The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2% of total US energy

The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2% of total US energy

The Data Furnace: Heating Up with Cloud Computing Jie Liu , Michel Goraczko, Jiakang Lu Sean James, Christian Belady Kamin Whitehouse Microsoft University of Virginia The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2%

551 views • 16 slides
Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing Understanding: Distributed Application Design Resource Management Automation Virtualized Computing Environments High-performance Computing

1.02k views • 49 slides
NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises

NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises

NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises Connecting clouds New workloads Components to disrupt SOFTLAYER CAPABILITIES OVERVIEW 5 GLOBAL CLOUD PLATFORM Unified architecture enabled by

390 views • 17 slides
github.com/18F/cg-workshop I Want You to use cloud.gov : Focus on mission " :

github.com/18F/cg-workshop I Want You to use cloud.gov : Focus on mission " :

09:00 Welcome Shashank Khandelwal 09:10 cloud.gov Overview 09:40 cloud.gov Hands-on I 10:20 Break 10:30 Federalist Will Slack 10:40 cloud.gov Hands-on II 11:30 Q & A github.com/18F/cg-workshop I Want You to use cloud.gov

461 views • 34 slides
Cloud Ross Mallace Commercial Director Cloud/SaaS Cloud is here. ALL By 2020 most core

Cloud Ross Mallace Commercial Director Cloud/SaaS Cloud is here. ALL By 2020 most core

Banking in the Cloud Ross Mallace Commercial Director Cloud/SaaS Cloud is here. ALL By 2020 most core most banking initiatives will be in the cloud John Schlesinger Changing Cloud Adoption in Financial Services Over 100

561 views • 20 slides
A vision for Carrier Cloud Networking... Itzik Weinstein, CEO 1 Cloud Services The Cloud is

A vision for Carrier Cloud Networking... Itzik Weinstein, CEO 1 Cloud Services The Cloud is

A vision for Carrier Cloud Networking... Itzik Weinstein, CEO 1 Cloud Services The Cloud is highly scalable, and managed infrastructure capable of hosting end- customer applications and billed by consumption. - Forrester Virtual

399 views • 6 slides
Cloud-iQ New features including xSP reporting Crayon Channel Team Cloud-iQ updates The Cloud-iQ

Cloud-iQ New features including xSP reporting Crayon Channel Team Cloud-iQ updates The Cloud-iQ

Cloud-iQ New features including xSP reporting Crayon Channel Team Cloud-iQ updates The Cloud-iQ Platform is Crayons Cloud Service Scaling Engine. Offering best in class self- provisioning, billing and reporting capabilities to

346 views • 12 slides
Cloud-Integrated IP Design: Bursting EDA Workflows to the Public Cloud Jerome McFarland,

Cloud-Integrated IP Design: Bursting EDA Workflows to the Public Cloud Jerome McFarland,

Cloud-Integrated IP Design: Bursting EDA Workflows to the Public Cloud Jerome McFarland, Marketing Director, Elastifile Agenda Why Cloud? How Cloud? Real-World Example Why Cloud? IC Design Complexity is Steadily Increasing Process

604 views • 31 slides
Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON

Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON

Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON 2010 Building a Private Cloud with Ubuntu Server 10.04 Enterprise Cloud (Eucalyptus) OSCON 2010 (Note: Special thanks to Jim Beasley, my lead Cloud

604 views • 37 slides
SUSE OpenStack Cloud 126 126 What is SUSE OpenStack Cloud You know of Cloud Compute right?

SUSE OpenStack Cloud 126 126 What is SUSE OpenStack Cloud You know of Cloud Compute right?

SUSE OpenStack Cloud 126 126 What is SUSE OpenStack Cloud You know of Cloud Compute right? Maybe you use AWS or Azure? Allowing pay-as-you-go model for IT infrastructure and toward dynamic software-defined service delivery.

168 views • 16 slides
Towards ds a self elf auto tomated CE CERN Clo Cloud Jos Castro Len CERN Cloud

Towards ds a self elf auto tomated CE CERN Clo Cloud Jos Castro Len CERN Cloud

Towards ds a self elf auto tomated CE CERN Clo Cloud Jos Castro Len CERN Cloud Infrastructure CERN Cloud Team Who am I? Outlines Introduction CERN Cloud service Automation status Upcoming challenges Improvement

799 views • 34 slides
Going Cloud Native with Cloud Foundry @chipchilders Chip Childers, VP Technology Cloud Foundry

Going Cloud Native with Cloud Foundry @chipchilders Chip Childers, VP Technology Cloud Foundry

Going Cloud Native with Cloud Foundry @chipchilders Chip Childers, VP Technology Cloud Foundry Foundation Why does Cloud Native matter? Since 2000, 52% of the Fortune 500 are no longer on the list Continuous Innovation There is a rough

794 views • 50 slides
T09: ETL Reference Design Overview (402.8.4) Artur Apresyan Fermilab US-MTD Technical Review

T09: ETL Reference Design Overview (402.8.4) Artur Apresyan Fermilab US-MTD Technical Review

T09: ETL Reference Design Overview (402.8.4) Artur Apresyan Fermilab US-MTD Technical Review 15-16 November 2018 Outline Introduction to ETL Technical requirements Description of mechanics, interfaces, dependencies Construction,

786 views • 21 slides
Emerging Trends Committee Meeting California Public Utilities Commission COVID 19 Actions

Emerging Trends Committee Meeting California Public Utilities Commission COVID 19 Actions

Emerging Trends Committee Meeting California Public Utilities Commission COVID 19 Actions June 17, 2020 1 Presentation Overview Safety Rachel Peterson Communications Rob Osborn Water Lucien Filler Rail

521 views • 28 slides
Distributed Systems By Aaron Stannard, CEO, Petabridge What Were Going to Cover

Distributed Systems By Aaron Stannard, CEO, Petabridge What Were Going to Cover

Distributed Tracing: How the Pros Debug Concurrent and Distributed Systems By Aaron Stannard, CEO, Petabridge What Were Going to Cover Microservices and common people problems they cause How distributed tracing solves some of

847 views • 17 slides
Vertical Integration and Price Differentials in the U.S. Crude Oil Market Shaun McRae University

Vertical Integration and Price Differentials in the U.S. Crude Oil Market Shaun McRae University

Vertical Integration and Price Differentials in the U.S. Crude Oil Market Shaun McRae University of Michigan April 21, 2015 Vertical integration in regulated industries Common concern in regulated industries is the vertical integration

955 views • 58 slides
Title More sales, less costs with 9B seamless intermodality Presenter July 29, 2020 Date Post

Title More sales, less costs with 9B seamless intermodality Presenter July 29, 2020 Date Post

Title More sales, less costs with 9B seamless intermodality Presenter July 29, 2020 Date Post covid-19 business accelerator Generating more sales Getting quicker results Saving costs Accelerating recovery and achieving long

568 views • 18 slides
South Dakota v. Wayfair Wayfair in Context: Nature of Sales Tax: Generally, a tax on the

South Dakota v. Wayfair Wayfair in Context: Nature of Sales Tax: Generally, a tax on the

South Dakota v. Wayfair Wayfair in Context: Nature of Sales Tax: Generally, a tax on the consumer. But states can obligate the retailer to serve as a deputy/trustee/agent for collecting. Nature of Nexus : In order for states to

214 views • 10 slides
Post Sockets: Towards an Evolvable Network Transport Interface Brian Trammell 1 , Colin Perkins 2

Post Sockets: Towards an Evolvable Network Transport Interface Brian Trammell 1 , Colin Perkins 2

Post Sockets: Towards an Evolvable Network Transport Interface Brian Trammell 1 , Colin Perkins 2 , and Mirja Khlewind 1 ETH Zrich 1 and University of Glasgow 2 measurement architecture experimentation This project has received funding

210 views • 17 slides
CSO CSONS S Pr Prima mary U y User er Activity T y Training - Corporate Cr Crea eating

CSO CSONS S Pr Prima mary U y User er Activity T y Training - Corporate Cr Crea eating

Communic icatio ions S Servic ice Office ( (CSO) NASA In Integra rated Communication S Servi rvices ( (NIC ICS) CSO CSONS S Pr Prima mary U y User er Activity T y Training - Corporate Cr Crea eating CSO CSONS S Activities

1.38k views • 68 slides

More recommend