cloud security
play

CLOUD SECURITY OR: HOW I LEARNED TO STOP WORRYING AND LOVE THE CLOUD - PowerPoint PPT Presentation

Mar 26, 2024 •187 likes •450 views

Click to edit Master title style CLOUD SECURITY OR: HOW I LEARNED TO STOP WORRYING AND LOVE THE CLOUD Jakob I. Pagter (Alon Hazay) Alexandra Instituttet A/S About the Alexandra Institute Click to edit Master title style Non-profit

  1. Click to edit Master title style CLOUD SECURITY OR: HOW I LEARNED TO STOP WORRYING AND LOVE THE CLOUD Jakob I. Pagter (Alon Hazay) Alexandra Instituttet A/S �

  2. About the Alexandra Institute Click to edit Master title style • Non-profit application oriented research institution – focus on IT • GTS – Godkendt Teknologisk Service Institut • 100+ employees generating Commercial R&D • Development • Consultancy • Researchers • Providers • Ideation • Users • Networks • Dissemination inspiration

  3. Essential Characteristics of Cloud Click to edit Master title style Computing On-demand self-service • provision computing capabilities automatically without requiring human interaction Broad network access • Capabilities are available over the network promote use by heterogeneous thin or thick client Measured Service Resource usage can be monitored, controlled, and reported, providing transparency Rapid elasticity • Capabilities can be rapidly and elastically provisioned, automatically, to quickly scale out or rapidly scale in Resource pooling • A sense of location independence. customer has no control or knowledge over the location of the resources

  4. Deployment Model Click to edit Master title style 4

  5. Cloud Service Models - Click to edit Master title style

  6. NIST Visual Model of Cloud Computing Click to edit Master title style Definition

  7. Click to edit Master title style 7

  8. Governance and compliance Click to edit Master title style • We have four datacenters in the US, two in Europe and two in Asia. Even though you choose to store your data in Europe instead of Worldwide, your data will be stored at least three times. Two times on your main location and one time at a secondary data center’ Statement MS Azure:

  9. Click to edit Master title style

  10. Amazon Outage Click to edit Master title style http://aws.amazon.com/message/65648/

  11. Account or Service Hijacking Click to edit Master title style • Zeus botnet running an unauthorized command and control center on Amazon's EC2 cloud computing infrastructure.

  12. Multi-Tenancy Click to edit Master title style Multi-Tenancy ¡ Separation ¡ • one program, need to • Solution that supports serve at the same time the Multi-Tenancy, capable of number of consumer creating separation organizations (Tenants) ¡ between the different Tenants ¡

  13. Virtualization vulnerabilities by vendor Click to edit Master title style Low percentages for Oracle, IBM, and Microsoft • VMware: 80.9% • Oracle: 1.8% • RedHat: 6.9% • IBM: 1.1% • Citrix: 5.8% • Microsoft: 0.9%

  14. Insecure Interfaces and APIs Click to edit Master title style Web service Web service man-in-middle redirection message attack ¡ alteration attack

  15. Click to edit Master title style 15

  16. Business pros (and cons!) Click to edit Master title style Fate- Indbygget sharing sikkerhed 2000 Stordrift Tilføjet $150.000 Location sikkerhed Samlet Armbrust et al.: Above The Clouds , 2011 sikkerhed Berkeley 2009 $1500 ? ? IaaS PaaS SaaS ? Omkostning Lokation Agilitet Virtualisering Hvem Selvbetjening • er på? Innovation Tredjeparter • hvor? • hvilke Compliance data? APIs Kompleksitet Innovation Availability Risikoprofil? Omkostning Innovation … ??!! År1 År2 År3 År4 År5 År6 År7 År8

  17. Cloud Security Alliance Click to edit Master title style The CSA is a member-driven organization, chartered with promoting the use of best practices for providing security assurance within Cloud Computing.

  18. Get certified! Click to edit Master title style alexandra.dk/ccsk

  19. Get certified! Click to edit Master title style 19 Alexandra – Sikkerhed og Innovation i Skyen

  20. Click to edit Master title style

  21. A (proper) encrypted Dropbox Click to edit Master title style Data hidden to Dropbox Transparent integration

  22. Shallow confidentiality Click to edit Master title style No real confidentiality web server.. Computation: decrypted! ?! Storage: encrypted Local computation

  23. Deep confidentiality Click to edit Master title style web server.. Security Performance Computation: encrypted! Storage: encrypted

  24. Case: energiauktion.dk (via partisia.com) Click to edit Master title style 100 90 80 70 2. Submit bids 1. Define Usage 60 auction 50 Base cost 40 30 SMC cost 20 (amortized) 10 0 Elasticity 0-2 2-4 6-8 10-12 14-16 18-20 22-24 2-3 4-6 8-10 12-14 16-18 20-22 3. Find => confidentiality! winner 4. Make the deal

  25. Thx for you attention! Click to edit Master title style PS: Please remember to evalueate the presentations (incl. this one ;)

Recommend

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security risks. Attacks in a cloud environment, top threats. Security, a major concern for cloud users. Privacy. Trust. Operating systems

661 views • 38 slides
Cloud Security Today Presenter: Jason Sheffield Topics What are the issues today? What is the

Cloud Security Today Presenter: Jason Sheffield Topics What are the issues today? What is the

Cloud Security Today Presenter: Jason Sheffield Topics What are the issues today? What is the Cloud? How the Cloud is delivered: Iaas, PaaS and SaaS Cloud security challenges and risk Current Cloud security report Cloud security technology

302 views • 27 slides
Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined)

Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined)

Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined) Administrative discussions Stephen McCamant University of Minnesota Multi-Cloud Oblivious Storage Old and new topics in security Cloud threats, old and new

645 views • 8 slides
1 1.2. Guidelines for Information Security of Cloud Computing Category Main contents of measure

1 1.2. Guidelines for Information Security of Cloud Computing Category Main contents of measure

Agenda Related Polices to Cloud Computing I. Guidelines for Information Security of Cloud II. Computing Cloud Security Certification Scheme in KOREA Cloud Security Certification Program in Korea III. April. 11, 2017 Jungduk (JD) KIM, Ph.

403 views • 5 slides
Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing Storage Computation High availability No maintenance Decreased Costs Elasticity & Flexibility Security and Privacy for Cloud

529 views • 36 slides
The Cloud-y Future of Security Technologies Adam J. ODonnell, Ph.D. Director, Cloud

The Cloud-y Future of Security Technologies Adam J. ODonnell, Ph.D. Director, Cloud

The Cloud-y Future of Security Technologies Adam J. ODonnell, Ph.D. Director, Cloud Engineering Immunet, Inc. Monday, August 22, 2011 The Cloud-y Future of Security Technologies Adam J. ODonnell, Ph.D. Chief Architect, Cloud

848 views • 68 slides
Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud

Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud

Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud Computing model. Presented By: Marissa Hollingsworth Overview What is Cloud Computing? Unique Security Concerns in the Cloud

556 views • 34 slides
Cloud Native Visibility and Security Chris Kranz Sysdig Secure DevOps for Cloud Native Open by

Cloud Native Visibility and Security Chris Kranz Sysdig Secure DevOps for Cloud Native Open by

Cloud Native Visibility and Security Chris Kranz Sysdig Secure DevOps for Cloud Native Open by design Ecosystem integration Strong momentum Founded by Wireshark Cloud-native security Customer expansion mirrors co-creator and

247 views • 22 slides
Migration To Cloud Why Cloud Advantages of Cloud Managed Rapid Rapid Increased Security

Migration To Cloud Why Cloud Advantages of Cloud Managed Rapid Rapid Increased Security

Migration To Cloud Why Cloud Advantages of Cloud Managed Rapid Rapid Increased Security Cap-ex Free Resilience Infrastructure Elasticity Infrastructure Flexibility Sevices 5% of organizations have migrated at least 30% 41% 52%

540 views • 11 slides
Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste

Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste

Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste Orange Labs SEC2 ComPAS15 Workshop on Cloud Security Lille, June 30, 2015 Cloud Security Today Security = key concern in cloud adoption for the

2.73k views • 33 slides
CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns

CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns

CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns Hopkins University What is Cloud Computing ? Lets hear from the experts 2 What is Cloud Computing ? The infinite wisdom of the crowds (via

709 views • 38 slides
Singapore Standard for Multi-Tiered Cloud Security - SS 584:2013 1. To provide an overview of

Singapore Standard for Multi-Tiered Cloud Security - SS 584:2013 1. To provide an overview of

Agenda Singapore Standard for Multi-Tiered Cloud Security - SS 584:2013 1. To provide an overview of Multi-Tier Cloud Security (MTCS SS584:2013) standard 2. To detail the deployment considerations and related initiatives Wong Onn Chee, Cloud

353 views • 6 slides
Securing the Cloud Identity Management and Network Security in the Cloud Mark Ryland Chief

Securing the Cloud Identity Management and Network Security in the Cloud Mark Ryland Chief

Securing the Cloud Identity Management and Network Security in the Cloud Mark Ryland Chief Solutions Architect AWS Public Sector team Khawaja Shams Cloud Architect Jet Propulsion Labs / NASA QCon New York 2012 Agenda Identity &

594 views • 21 slides
Cloud: How Big Is Your Risk? Prasidh Srikanth Booth #450 Agenda Cloud BYOD Security Booth

Cloud: How Big Is Your Risk? Prasidh Srikanth Booth #450 Agenda Cloud BYOD Security Booth

psrikanth@bitglass.com Booth #450 Surviving the Cloud: How Big Is Your Risk? Prasidh Srikanth Booth #450 Agenda Cloud BYOD Security Booth #450 Time Travel to 2004 Virtual Private Server Dedicated Server Shared Hosting Cloud Booth

498 views • 14 slides
Defining the Cloud Battlefield Supporting Security Assessments by Cloud Customers Sren Bleikertz

Defining the Cloud Battlefield Supporting Security Assessments by Cloud Customers Sren Bleikertz

Defining the Cloud Battlefield Supporting Security Assessments by Cloud Customers Sren Bleikertz 1 Toni Masteli 2 Sebastian Pape 3 Wolter Pieters 4 Trajce Dimkov 5 1 IBM Research - Zurich 2 Vienna University of Technology 3 TU Dortmund 4 TU

683 views • 46 slides
Using Cloud Native Technologies to Solve Complex Application Security Challenges in Kubernetes

Using Cloud Native Technologies to Solve Complex Application Security Challenges in Kubernetes

Using Cloud Native Technologies to Solve Complex Application Security Challenges in Kubernetes Deployments Cequence Security: A Cloud Native Approach to Application Security Venture-backed start-up bringing much-needed innovation to

304 views • 17 slides
Security in the Age of Cloud Kaushik Narayan CTO, Cloud Business Unit CASB Connect MVISION

Security in the Age of Cloud Kaushik Narayan CTO, Cloud Business Unit CASB Connect MVISION

Security in the Age of Cloud Kaushik Narayan CTO, Cloud Business Unit CASB Connect MVISION Cloud Innovation Pre- and Post-Acquisition Acquisition announced Expansion to IaaS Skyhigh API control: Sanctioned Apps Networks Custom Apps

565 views • 30 slides
Cloud Security An IAM GAME Nathaniel Beckstead whoami I am here because I love to give

Cloud Security An IAM GAME Nathaniel Beckstead whoami I am here because I love to give

Cloud Security An IAM GAME Nathaniel Beckstead whoami I am here because I love to give presentations. @scriptingislife https:/ /scriptingis.life https:/ /glimpseid.com 2 What is the cloud? 3 What is the cloud? 4 What is the cloud? 5

1.12k views • 32 slides
Security, IAM AWS sh shared red res espon ponsib sibility ility mo model el Portland

Security, IAM AWS sh shared red res espon ponsib sibility ility mo model el Portland

Security, IAM AWS sh shared red res espon ponsib sibility ility mo model el Portland State University CS 430P/530 Internet, Web & Cloud Systems Cloud ud se security urity In this course, security "in-the-cloud" via

445 views • 28 slides
Security in a cloud context David Crooks, for the EGI CSIRT Lessons learned from recent incidents

Security in a cloud context David Crooks, for the EGI CSIRT Lessons learned from recent incidents

Security in a cloud context David Crooks, for the EGI CSIRT Lessons learned from recent incidents www.egi.eu EGI-Engage is co-funded by the Horizon 2020 Framework Programme of the European Union under grant number 654142 Cloud Security EGI

571 views • 16 slides
For personal use only Firstwave Cloud Technology Limited (FCT) FY19 Results FCTs Cloud

For personal use only Firstwave Cloud Technology Limited (FCT) FY19 Results FCTs Cloud

For personal use only Firstwave Cloud Technology Limited (FCT) FY19 Results FCTs Cloud Content Security Platform (CCSP) is a unique SaaS email, web & firewall security services orchestration platform for Telco / Service Providers that

883 views • 25 slides
Security Monitoring and Enforcement for the Cloud Model Aryan TaheriMonfared

Security Monitoring and Enforcement for the Cloud Model Aryan TaheriMonfared

Infrastructure Architecture for a Cloud IaaS Provider Software Defined Networking and Network Virtualization Network Monitoring Security Enforcement Inter-Domain Routing for Virtualized Networks Security Monitoring and Enforcement for the

795 views • 42 slides
beyond the technology privacy, trust and security in the cloud disclaimers about me age of the

beyond the technology privacy, trust and security in the cloud disclaimers about me age of the

beyond the technology privacy, trust and security in the cloud disclaimers about me age of the cloud BLOOMBERG FORBES BAIN AND COMPANY the other side of the coin beyond the technology ZDNET FORTUNE beyond the technology WIRED MASHABLE

904 views • 45 slides
For personal use only Cloud security through cloud gateway intelligence FCT July Update Innovate

For personal use only Cloud security through cloud gateway intelligence FCT July Update Innovate

For personal use only Cloud security through cloud gateway intelligence FCT July Update Innovate Create Execute July 2017 1 For personal use only AGENDA Executive Summary Steve OBrien, MD Financial & Operational Update

549 views • 30 slides

More recommend