Cloud is where our data lives, is where code resides, applications run, and decisions are made. With this huge responsibility placed on Cloud, it becomes a rich target for attackers to mime private data, insert malware into code or applications, as well as influence the decisions. This talk will provide an overview of cloud security, with an emphasis on secure design leaning on core building blocks such as Identity Management, storage security, key management.