Security is one of the biggest concerns in the Windows azure.
There are many ways to secure our data in the cloud azure:
1. Access Control Service
for securing access to your Azure solutions through a claims-based identity model.
2. Windows azure applications are deployed in Microsoft Data center which gets all the security benefits provided by Microsoft.
3. Authentication and authorization can be implemented by using the ASP.NET membership
and role provider or by Access Control Service (ACS)
, which is part of .NET Services. All the .net security features are applied to windows azure.
4. Using Claim based authentication (Windows Identity Foundation
Applications determine whether a user is allowed access based on Security Assertion Markup Language (SAML)
tokens that are created by the Security Token Service (STS)
and contain information about the user. The STS provides a digital signature for each token. Applications have lists of digital certificates for the STSs it trusts. Trust relationships can be created between a trusted STS and an STS that issues a token to provide for identity federation. The Access Control Service is an STS that runs in the cloud. This STS validates the signature on the SAML token that is sent by the client application (such as a web browser) and creates and signs a new token for the client application to present to the cloud application.
5. Sql Azure Security:
Security in SQL Azure is much like security for an on-site SQL Server, so SQL administrators will find security management at the database level to be a familiar task. Server-level administration is a bit different because the databases may span more than one physical system.
SQL Azure provides same level of security that is applicable to SQL Server. All the SQL Azure related security settings are stored in the master database.
Sql azure also provides firewall mechanism that can be used to allow or deny connections to sql azure. To interact with sql azure we need to specify IP ranges that will be used to connect.
You cannot interact with sql azure without any certificate and encryption method which helps in secure transmission of data.
6. Operating System
Versioning in Windows Azure:
Operating system versioning is the new feature included in the windows azure services where in customers can choose when their applications receive new operating system updates and patches by selecting which version of the operating system their applications will run on in Windows Azure. Right now there is only one available operating system version (released on December 17th, 2009), but new builds with the latest updates and patches will be released regularly. This new feature allows developers to test their applications when new patches come out before upgrading their production deployments.
Azure is running on Windows Server 2008 and has a custom very-tightly-locked-down web configuration. The server is behind firewalls and load balancers and is running in a highly automated virtualization environment.
Refrerences: http://www.windowsecurity.com/articles/Microsoft-Azure-Security-Cloud.html http://blogs.credera.com/2009/12/30/windows-azure-security/ http://www.microsoft.com/windowsazure/resources/