UNIVERSITY INSTITUTE OF ENGINEERING

COMPUTER SCIENCE ENGINEERING

Bachelor of Engineering (Computer Science & Engineering)
Subject Name: Cloud Computing & Distributed Systems
Subject Code: 21CST-378/21ITT-378

DISCOVER . LEARN . EMPOWER

 Cloud Computing & Distributed Systems
Course Outcomes
CO1: Understanding of various paradigm of cloud computing
and distributed systems.
CO2: Articulate the basic concepts, key technologies,
strength and limitation of cloud computing and possible
applications.
CO3: Appraise the architecture and infrastructure of cloud
computing including SaaS, PaaS, IaaS, UCaaS/FaaS public
cloud, private cloud and hybrid cloud.
CO4: Interpret various data, scalability, security and cloud
services to acquire efficient database for cloud storage.
CO5: Develop the appropriate cloud computing solutions
and recommendations according to the application used.
2
Cloud Computing &
Distributed Systems

Contents
1. Data security in cloud
2. Cloud Security Services:
Confidentiality, Integrity
and Availability
3. Secure Cloud Software
requirements
4. Secure Cloud Software
testing
5. Cloud Analytics

3
Cloud Computing & Distributed Systems

UNIT 3
CLOUD SECURITY SERVICES

CHAPTER 5
DATA AND CLOUD SECURITY

4
 Data security in cloud (CO-4)

What is cloud data security? Benefits and solutions

Cloud data security is the practice of protecting data and other digital information assets
from security threats, human error, and insider threats. It leverages technology, policies,
and processes to keep your data confidential and still accessible to those who need it in
cloud-based environments.

Cloud computing delivers many benefits, allowing you to access data from any device via an
internet connection to reduce the chance of data loss during outages or incidents and
improve scalability and agility. At the same time, many organizations remain hesitant to
migrate sensitive data to the cloud as they struggle to understand their security options and
meet regulatory demands.
5
6
7
8
 What are the challenges of cloud data security?
As more data and applications move out of a central data center and away from traditional security mechanisms and
infrastructure, the higher the risk of exposure becomes. While many of the foundational elements of on-premises data
security remain, they must be adapted to the cloud.

Common challenges with data protection in cloud or hybrid environments include:

1. Lack of visibility. Companies don’t know where all their data and applications live and what assets are in their
inventory.
2. Less control. Since data and apps are hosted on third-party infrastructure, they have less control over how data is
accessed and shared.
3. Confusion over shared responsibility. Companies and cloud providers share cloud security responsibilities, which
can lead to gaps in coverage if duties and tasks are not well understood or defined.
4. Inconsistent coverage. Many businesses are finding multi cloud and hybrid cloud to better suit their business needs,
but different providers offer varying levels of coverage and capabilities that can deliver inconsistent protection.
5. Growing cyber security threats. Cloud databases and cloud data storage make ideal targets for online criminals
looking for a big payday, especially as companies are still educating themselves about data handling and management
in the cloud.
6. Strict compliance requirements. Organizations are under pressure to comply with stringent data protection and
privacy regulations, which require enforcing security policies across multiple environments and demonstrating strong
data governance.
7. Distributed data storage. Storing data on international servers can deliver lower latency and more flexibility. Still, it
9
can also raise data sovereignty issues that might not be problematic if you were operating in your own data center.
10
 Who is responsible for securing your data?
Cloud providers and customers share responsibility for cloud
security. The exact breakdown of responsibilities will depend on
your deployment and whether you choose IaaS, PaaS, or SaaS as
your cloud computing service model.

In general, a cloud provider takes responsibility for the security

of the cloud itself, and you are responsible for securing anything
inside of the cloud, such as data, user identities, and their access
privileges (identity and access management).

11
12
Why companies need cloud security
Today, we’re living in the era of big data, with companies generating, collecting, and
storing vast amounts of data by the second, ranging from highly confidential business or
personal customer data to less sensitive data like behavioral and marketing analytics.

Beyond the growing volumes of data that companies need to be able to access, manage,
and analyze, organizations are adopting cloud services to help them achieve more agility
and faster times to market, and to support increasingly remote or hybrid workforces.
The traditional network perimeter is fast disappearing, and security teams are realizing
that they need to rethink current and past approaches when it comes to securing cloud
data. With data and applications no longer living inside your data center and more people
than ever working outside a physical office, companies must solve how to protect data
and manage access to that data as it moves across and through multiple environments.

13
14
 What are the benefits of cloud data security?
1. Greater visibility: Strong cloud data security measures allow you to maintain visibility into the inner workings
of your cloud, namely what data assets you have and where they live, who is using your cloud services, and
the kind of data they are accessing.
2. Easy backups and recovery: Cloud data security can offer a number of solutions and features to help
automate and standardize backups, freeing your teams from monitoring manual backups and
troubleshooting problems. Cloud-based disaster recovery also lets you restore and recover data and
applications in minutes.
3. Cloud data compliance: Robust cloud data security programs are designed to meet compliance obligations,
including knowing where data is stored, who can access it, how it’s processed, and how it’s protected. Cloud
data loss prevention (DLP) can help you easily discover, classify, and de-identify sensitive data to reduce the risk
of violations.
4. Data encryption: Organizations need to be able to protect sensitive data whenever and wherever it goes.
Cloud service providers help you tackle secure cloud data transfer, storage, and sharing by implementing several
layers of advanced encryption for securing cloud data, both in transit and at rest.
5. Lower costs: Cloud data security reduces total cost of ownership (TCO) and the administrative and
management burden of cloud data security. In addition, cloud providers offer the latest security features and
tools, making it easier for security professionals to do their jobs with automation, streamlined integration, and
continuous alerting.
6. Advanced incident detection and response: An advantage of cloud data security is that providers invest in
cutting-edge AI technologies and built-in security analytics that help you automatically scan for suspicious
activity to identify and respond to security incidents quickly. 15
16
17
18
19
20
 Summary
Cloud security services are a critical component in ensuring the confidentiality, integrity, and availability of data
and applications hosted in cloud environments. These services encompass a range of measures designed to
protect against various cyber threats and vulnerabilities. Identity and Access Management (IAM) services play a
pivotal role in managing user access and permissions, preventing unauthorized entry into cloud systems.
Encryption services ensure the confidentiality of data in transit and at rest, safeguarding sensitive information
from unauthorized access. Security Information and Event Management (SIEM) services provide real-time
monitoring and analysis of security events, helping to detect and respond to potential security incidents
promptly. Cloud providers often offer Distributed Denial of Service (DDoS) protection services to mitigate the
impact of malicious attacks on cloud-hosted applications. Regular security assessments, audits, and compliance
services help organizations maintain adherence to regulatory requirements and industry standards. Additionally,
cloud security services may include threat intelligence, firewall management, and incident response capabilities
to enhance overall resilience against evolving cybersecurity threats. As organizations increasingly migrate to the
cloud, the adoption of robust cloud security services becomes imperative to build a secure and trusted cloud
environment.

21
QUIZ
1. What is the primary goal of cloud security?
a. Data replication b. Data confidentiality, integrity, and availability
c. High-speed data transfer d. Server virtualization
2. Which cloud security service is responsible for managing user access and permissions?
a. SIEM b. DDoS protection
c. IAM d. Encryption
3. What does DDoS stand for in the context of cloud security?
a. Data Distribution over Systems b. Distributed Denial of Service
c. Digital Data Optimization Service d. Dynamic Database on Servers
4. Which cloud security measure is used to ensure the confidentiality of data?
a. IAM b. SIEM c. Encryption d. DDoS protection
5. What does SIEM stand for in cloud security?
a. Secure Internet Exchange Management b. Security Information and Event Management
c. Systematic Incident and Event Monitoring d. Service Integration and Event Management
6. Which cloud security service provides real-time monitoring and analysis of security events?
a. IAM b. Encryption c. SIEM d. DDoS protection
7. What is the purpose of IAM in cloud security?
a. Ensuring data availability b. Managing user access and permissions
c. Encrypting data in transit d. Protecting against DDoS attacks

22
 REFERENCES
TEXT BOOKS
1. Cloud Computing: A Practical Approach by Toby Velte, Anthony Velte, Robert C. Elsenpeter, McGraw Hill Professional, 22 Oct 2009
2. Buyya, Rajkumar, James Broberg, and Andrzej M. Goscinski, eds. Cloud computing: Principles and paradigms. Vol. 87. John Wiley & Sons, 2010.
3. Miller, Michael. Cloud computing: Web-based applications that change the way you work and collaborate online. Que publishing, 2008.
4. Hurwitz, Judith S., et al. Cloud computing for dummies. John Wiley & Sons, 2010.
5. Kris Jamsa. Cloud Computing: SaaS, PaaS, IaaS, Virtualization, Business Models, Mobile, Security and more, Jones &Bartlet Learning Company LC, 20012
REFRENCE BOOKS
1. G. Pfister. In Search of Clusters. Prentice Hall PTR, NJ, 2nd Edition, NJ, 1998.
2. Cloud Computing: Implementation, Management, and Security, by John Rittinghouse and James F.Ransome, CRC Press Taylor and Francis Group
3. Joshy Joseph and Craig Fellenstein, Grid Computing, Person Edition, (2004).
4. Maozhen Li, Mark Baker, “The Grid Core Technologies”, John Wiley & Sons (2005).
5. Cloud Computing: A Practical Approach for Learning and Implementation Paperback – 1 January 2014 by Srinivasan, Pearson Education
Video Links
https://www.youtube.com/watch?v=A3FPxuKlnkU&list=PLFW6lRTa1g82dte3YD_7-GoZXcBiK6K9G
Web Links
1. https://www.geeksforgeeks.org/what-is-a-distributed-system/
2. https://www.geeksforgeeks.org/difference-between-cloud-computing-and-distributed-computing/
3. https://www.ibm.com/topics/distributed-cloud
4. https://www.geeksforgeeks.org/cloud-computing/
5. https://learn.rumie.org/jR/bytes/learn-the-basics-of-cloud-computing-in-3-minutes/?
utm_source=bing&utm_medium=cpc&utm_campaign=RumieLearn-Bytes%20%28non-NA%29&utm_term=cloud%20computing&utm_content=TS 23
%20-%20Computing%20In%20Cloud%20Computing
THANK YOU