Безопасност и защита при Cloud Copmputing

1. Cloud Copmputing , . - . : , 5, . . 11593, .61 , 2014

2. Cloud Copmputing ....................................................................................................................3 ..............................................................................4 SaaS......................................................................6 PaaS..................................................................7 IaaS.........................................................7 ................................................................8 ..........................................................................................9 , BYOD........................................11 ..............................................................11 ...................................................................................15 BYOD.....................................................................................................................16 ....................................................17 , ..............................................18 .................................................................................................................19 ..............................................................................................20 , 11593 2 3. Cloud Copmputing , - . , . , - -- , , , . , . , , , . , , , . , 11593 3 4. Cloud Copmputing , . ( ), , . . , , , , , . : Gartner , . NIST 2011 , e, , (: , , , ), . 60 90 20 , , , , 11593 4 5. Cloud Copmputing , -. HTML5 Ajax -, . (SOA), . , , , . . , . -, , . . NIST (National Institure of Standarts and Technology) 2011., 5 , , , , . , : , ., . , , , , , , . , , 11593 5 6. Cloud Copmputing , . Multi-tenant - , . , , (, , ). , , , . , . , . , . , . , , , , . - SaaS, PaaS, IaaS . SaaS . . , 11593 6 7. Cloud Copmputing , . . , , , . - , , , , . , , ( ) . Salesforce (www.salesforce.com) Workaday (www.workaday.com) SaaS . PaaS , , / . , , , . (developers.google.com/appengine), (www.force.com) (aws.amazon.com) PaaS. IaaS , , , , , , 11593 7 8. Cloud Copmputing . , , , . , . , , , . SaaS , , , . SaaS , , , . PaaS , , , , . PaaS , , , . , , . PaaS , , PaaS , . , 11593 8 9. Cloud Copmputing IaaS , , , , , . IaaS , , , , . IaaS , , U , , , , IP , . : , , , . o . , , , . . . . . , (. ). , . , LAN , 11593 9 10. Cloud Copmputing . , (VPN) . IP VPN . . , (: , , .). , , , . . (, ), , , , . , , (. ). Google Amazon, , , , , . , , , . , 11593 10 11. Cloud Copmputing , BYOD SaaS , , . , (view) , . , , . () SaaS (tenant) . , , , . , , . , , . , . , , , (data masking), , , . , 11593 11 12. Cloud Copmputing . , . (. ). , , ( ). : : DES, Triple DES, AES, 28147-89, Camellia, Twofish, Blowfish, IDEA, RC4 . : RSA, - (Diffie-Hellman) Elgamal (-) - : MD5-MAC, DES in CBC mode, MAA : MD4, MD5, SHA-1, 34.11- 94 Web (WAF) - - , HTTP , . , Cross-site Scripting (XSS) SQL-. , . , , . WAF Deep Packet Inspection Firewalls .. , HTTP/ HTTPS/SOAP/XML-RPC/ Web-. , , , 11593 12 13. Cloud Copmputing , . firewall , WAF , . DAM (Database Activity Monitoring) . DAM , . , Securosis LLC, , . DAM (, SQL , .), (, ..), , . , DAM , . , , . , : IP MAC , 11593 13 14. Cloud Copmputing - SQL .. DAM , , . DAM , . DLP (Data Leak Prevention). DLP , . , . , , DLP , , DAM . . Web (WAF) - - , HTTP , . , Cross-site Scripting (XSS) SQL-. , . , , . WAF , 11593 14 15. Cloud Copmputing Deep Packet Inspection Firewalls .. , HTTP/ HTTPS/SOAP/XML-RPC/ Web-. , , , . firewall , WAF , . , (tenants) . . - . , - . , , . , , . : , 11593 15 16. Cloud Copmputing , , . . . , (secure data capsule SDC) . , , . . . . , , , . BYOD , , , . (.. , . Bring Your Own Device - BYOD). . : - , , 11593 16 17. Cloud Copmputing ; ; , ; , , , . - . , - . e , , , . , . , , - , , . - (ROI), , . , 11593 17 18. Cloud Copmputing , , , , . 3 : ; , , , , ; ? , ENISA Cloud Computing: Benefits, Risks, and Recommendations for Information Security 2009, , . : , ; , ; : ; , ; , , ; , 11593 18 19. Cloud Copmputing ; (audit logs); ; , , . (. ISO 27001/2); : , , . : , , , , , , , ; : ; , . , , . , . . . , , , 11593 19 20. Cloud Copmputing . 1. http://cio.bg/3402_zashtitata_na_bazi_danni_i_biznes_prilozheniya/#! prettyPhoto , 11593 20 21. Cloud Copmputing 2. http://www.darkreading.com/application-security/database-security/why- database-monitoring/d/d-id/1139781? 3. http://www.itworld.com/security/84655/database-security-on-a-cloud- computing 4. Dawn Song, Elaine Shi, Ian Fischer, and Umesh Shankar. Cloud data protection for the masses. Computer, 45(1):3945, 2012 5. Ph.D. Robert Elsenpeter Anthony T. Velte, Toby J. Velte. Cloud Computing:A Practical Approach. McGraw-Hill Companies., 2010. ISBN: 978-0-07-162695- 8, MHID: 0-07-162695-6. 6. CERT Information Services Greg Shannon, Chief Scientist and SEI Communication Design. 2010 cert research report. In Software Engineering Institute, Carnegie Mellon University, 2010. , 11593 21

Безопасност и защита при Cloud Copmputing

Education

Transcript of Безопасност и защита при Cloud Copmputing