security monitoring and enforcement for the cloud model
play

Security Monitoring and Enforcement for the Cloud Model Aryan - PowerPoint PPT Presentation

Apr 02, 2024 •358 likes •795 views

Infrastructure Architecture for a Cloud IaaS Provider Software Defined Networking and Network Virtualization Network Monitoring Security Enforcement Inter-Domain Routing for Virtualized Networks Security Monitoring and Enforcement for the

  1. Infrastructure Architecture for a Cloud IaaS Provider Software Defined Networking and Network Virtualization Network Monitoring Security Enforcement Inter-Domain Routing for Virtualized Networks Security Monitoring and Enforcement for the Cloud Model Aryan TaheriMonfared aryan.taherimonfared@uis.no June 21, 2013 Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  2. Infrastructure Architecture for a Cloud IaaS Provider Software Defined Networking and Network Virtualization Network Monitoring Security Enforcement Inter-Domain Routing for Virtualized Networks Agenda Infrastructure Architecture for a Cloud IaaS Provider 1 10000 Foot View 1000 Foot View Networking inside a Rack Tenant Network Logical View Challenges Software Defined Networking and Network Virtualization 2 Definition Rationality Use Cases Network Monitoring 3 Challenges Data-intensive framework for network monitoring NV-aware Framework for Cloud Model Security Enforcement 4 Inter-Domain Routing for Virtualized Networks 5 Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  3. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Outline Infrastructure Architecture for a Cloud IaaS Provider 1 10000 Foot View 1000 Foot View Networking inside a Rack Tenant Network Logical View Challenges Software Defined Networking and Network Virtualization 2 Network Monitoring 3 Security Enforcement 4 Inter-Domain Routing for Virtualized Networks 5 Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  4. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Multiple Cells Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  5. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Single Cell Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  6. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Inside a Rack Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  7. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Inside a Compute Node Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  8. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Network Logical View Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  9. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Any Networking Challenges? Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  10. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Any Networking Challenges? Yes, lots of them :) Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  11. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Any Networking Challenges? Deployment complexity Maintenance cost Tenant’s network isolation and end-to-end connectivity Tenant’s traffic monitoring Security enforcement Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  12. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Deployment complexity and Maintenance cost Increased number of networking devices by the factor of cluster size Virtualized networking devices Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  13. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Tenant’s traffic isolation and end-to-end connectivity VLAN tagging GRE tunnels, EoIP tunnels Namespaces in Linux networking stack Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  14. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Tenant’s network monitoring How to distinguish between tenants’ traffic? Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  15. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Tenant’s network monitoring How to distinguish between tenants’ traffic? VLAN IDs? GRE addresses? Namespaces? Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  16. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Tenant’s network monitoring How to get the information in real-time? Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  17. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Tenant’s network monitoring How to get the information in real-time? Querying: network management service? platform controller? each compute node? Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

  18. Infrastructure Architecture for a Cloud IaaS Provider 10000 Foot View Software Defined Networking and Network Virtualization 1000 Foot View Network Monitoring Networking inside a Rack Security Enforcement Tenant Network Logical View Inter-Domain Routing for Virtualized Networks Challenges Security enforcement Where to put security middle boxes? How to control and federate them with the rest of platform’s components? Aryan TaheriMonfared aryan.taherimonfared@uis.no Security Monitoring and Enforcement for the Cloud Model

Recommend

Including Security Monitoring in Cloud Service Level Agreement (SLA) Amir Teshome Supervisors

Including Security Monitoring in Cloud Service Level Agreement (SLA) Amir Teshome Supervisors

Including Security Monitoring in Cloud Service Level Agreement (SLA) Amir Teshome Supervisors Louis Rilling Christine Morin July 5, 2016 Amir Teshome Including Security Monitoring in Cloud SLA 1 / 11 Introduction SLAs & Security

1.26k views • 57 slides
KAFKA STREAMS CLOUD MONITORING AWS CLOUD MONITORING AWS APP CLOUD MONITORING AWS HTTP APP

KAFKA STREAMS CLOUD MONITORING AWS CLOUD MONITORING AWS APP CLOUD MONITORING AWS HTTP APP

FROM USE CASE TO PRODUCTION KAFKA STREAMS CLOUD MONITORING AWS CLOUD MONITORING AWS APP CLOUD MONITORING AWS HTTP APP CLOUD MONITORING AWS METRICS NRDB HTTP APP CLOUD MONITORING SCHDLR JOBS AWS NRDB METRICS HTTP WORKER CLOUD

1.43k views • 124 slides
All Your Cluster-Grids Are Belong to Us: Monitoring the (in)Security of Infrastructure Monitoring

All Your Cluster-Grids Are Belong to Us: Monitoring the (in)Security of Infrastructure Monitoring

All Your Cluster-Grids Are Belong to Us: Monitoring the (in)Security of Infrastructure Monitoring Systems Andrei Costin EURECOM, France 1 st Workshop on Security & Privacy in the Cloud (SPC) 30 Sep 2015, Florence Italy Agenda

640 views • 63 slides
A Blockchain based Witness Model for Trustworthy Cloud Service Level Agreement Enforcement Huan

A Blockchain based Witness Model for Trustworthy Cloud Service Level Agreement Enforcement Huan

A Blockchain based Witness Model for Trustworthy Cloud Service Level Agreement Enforcement Huan Zhou , Xue Ouyang, Zhijie Ren, Jinshu Su, Cees de Laat, Zhiming Zhao Paris 1/May/2019 Outline Cloud SLA / Blockchain: background and challenges

931 views • 30 slides
CloudWatcher: Network Security Monitoring Using OpenFlow in Dynamic Cloud Networks (or: How to

CloudWatcher: Network Security Monitoring Using OpenFlow in Dynamic Cloud Networks (or: How to

CloudWatcher: Network Security Monitoring Using OpenFlow in Dynamic Cloud Networks (or: How to Provide Security Monitoring as a Service in Clouds?) Seungwon Shin Guofei Gu SUCCESS Lab SUCCESS Lab Texas A&M University Texas A&M

314 views • 6 slides
Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security risks. Attacks in a cloud environment, top threats. Security, a major concern for cloud users. Privacy. Trust. Operating systems

661 views • 38 slides
Security, IAM AWS sh shared red res espon ponsib sibility ility mo model el Portland

Security, IAM AWS sh shared red res espon ponsib sibility ility mo model el Portland

Security, IAM AWS sh shared red res espon ponsib sibility ility mo model el Portland State University CS 430P/530 Internet, Web & Cloud Systems Cloud ud se security urity In this course, security "in-the-cloud" via

445 views • 28 slides
Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud

Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud

Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud Computing model. Presented By: Marissa Hollingsworth Overview What is Cloud Computing? Unique Security Concerns in the Cloud

556 views • 34 slides
Cloud Security Today Presenter: Jason Sheffield Topics What are the issues today? What is the

Cloud Security Today Presenter: Jason Sheffield Topics What are the issues today? What is the

Cloud Security Today Presenter: Jason Sheffield Topics What are the issues today? What is the Cloud? How the Cloud is delivered: Iaas, PaaS and SaaS Cloud security challenges and risk Current Cloud security report Cloud security technology

302 views • 27 slides
An Adaptive Technique to Model Virtual Machine Behavior for Scalable Cloud Monitoring C. Canali

An Adaptive Technique to Model Virtual Machine Behavior for Scalable Cloud Monitoring C. Canali

An Adaptive Technique to Model Virtual Machine Behavior for Scalable Cloud Monitoring C. Canali R. Lancellotti University of Modena and Reggio Emilia Department of Engineering Enzo Ferrari ISCC'14, 24-26 Jun. 2014, Madeira 1

714 views • 17 slides
Institute for Cyber Security A Formal Model for Isolation Management in Cloud

Institute for Cyber Security A Formal Model for Isolation Management in Cloud

Institute for Cyber Security A Formal Model for Isolation Management in Cloud Infrastructure-as-a-Service Khalid Zaman Bijon, Ram Krishnan and Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio October 15-17, 2014 NSS

146 views • 13 slides
in Hungary Enforcement procedure Procedure after Ordering enforcement enforcement order

in Hungary Enforcement procedure Procedure after Ordering enforcement enforcement order

Monitoring of enforcement in Hungary Enforcement procedure Procedure after Ordering enforcement enforcement order Ordering enforcement Authorities court notary public Enforcement order certificate of enforcement

540 views • 12 slides
Monitoring Security Policies Felix Klaedtke NEC Labs Europe Story so far . . . Which

Monitoring Security Policies Felix Klaedtke NEC Labs Europe Story so far . . . Which

Monitoring Security Policies Felix Klaedtke NEC Labs Europe Story so far . . . Which policies are enforceable ? Characterization for an abstract setting Enforcement via execution monitoring system allowed

1.03k views • 73 slides
Y O U R D A T A . O U R T E C H N O L O G Y . Data Monitoring in The Cloud Connect all of your

Y O U R D A T A . O U R T E C H N O L O G Y . Data Monitoring in The Cloud Connect all of your

Y O U R D A T A . O U R T E C H N O L O G Y . Data Monitoring in The Cloud Connect all of your data collection devices to our cloud and get the capacity of real time analysis and monitoring through web and mobile applications or using our

415 views • 4 slides
Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined)

Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined)

Outline Get Off of My Cloud 8271 discussion of cloud computing security (combined) Administrative discussions Stephen McCamant University of Minnesota Multi-Cloud Oblivious Storage Old and new topics in security Cloud threats, old and new

645 views • 8 slides
1 1.2. Guidelines for Information Security of Cloud Computing Category Main contents of measure

1 1.2. Guidelines for Information Security of Cloud Computing Category Main contents of measure

Agenda Related Polices to Cloud Computing I. Guidelines for Information Security of Cloud II. Computing Cloud Security Certification Scheme in KOREA Cloud Security Certification Program in Korea III. April. 11, 2017 Jungduk (JD) KIM, Ph.

403 views • 5 slides
Can You Trust Your Encrypted Cloud? An Assessment of SpiderOakONEs Security Anders Dalskov

Can You Trust Your Encrypted Cloud? An Assessment of SpiderOakONEs Security Anders Dalskov

Can You Trust Your Encrypted Cloud? An Assessment of SpiderOakONEs Security Anders Dalskov Claudio Orlandi Aarhus University RWC 2018 Agenda I A Threat Model for Encrypted Cloud Storage (ECS). I A high-level look into a modern ECS service

770 views • 47 slides
Cloud Security Guidance Tania Martin Smals Research January 2015 www.smalsresearch.be Overview

Cloud Security Guidance Tania Martin Smals Research January 2015 www.smalsresearch.be Overview

Cloud Security Guidance Tania Martin Smals Research January 2015 www.smalsresearch.be Overview of the cloud Intro Model Govern IAM IT Sec Oper Sec Dropbox Choose Conclu 2/66 What about the security of the

688 views • 66 slides
Cloud Security Guidance Tania Martin Smals Research February 2015 www.smalsresearch.be Overview

Cloud Security Guidance Tania Martin Smals Research February 2015 www.smalsresearch.be Overview

Cloud Security Guidance Tania Martin Smals Research February 2015 www.smalsresearch.be Overview of the cloud Intro Model Govern IAM IT Sec Oper Sec Dropbox Choose Conclu 2/66 What about the security of the

703 views • 66 slides
Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing Storage Computation High availability No maintenance Decreased Costs Elasticity & Flexibility Security and Privacy for Cloud

529 views • 36 slides
Compliance Monitoring and Enforcement Program Annual Report Ed Kichline, Senior Counsel and

Compliance Monitoring and Enforcement Program Annual Report Ed Kichline, Senior Counsel and

Agenda Item 3 Compliance Monitoring and Enforcement Program Annual Report Ed Kichline, Senior Counsel and Director of Enforcement Oversight Steven Noess, Director of Regulatory Programs Compliance Committee Meeting February 5, 2020 RELI ABI

256 views • 22 slides
Security Summer 2016 Cornell University 1 Today Security policies Enforcement

Security Summer 2016 Cornell University 1 Today Security policies Enforcement

CS 4410 Operating Systems Security Summer 2016 Cornell University 1 Today Security policies Enforcement Authenticating people Passwords 2 Security policy Security policies prescribe what must be done and what must not be

431 views • 13 slides
The Cloud-y Future of Security Technologies Adam J. ODonnell, Ph.D. Director, Cloud

The Cloud-y Future of Security Technologies Adam J. ODonnell, Ph.D. Director, Cloud

The Cloud-y Future of Security Technologies Adam J. ODonnell, Ph.D. Director, Cloud Engineering Immunet, Inc. Monday, August 22, 2011 The Cloud-y Future of Security Technologies Adam J. ODonnell, Ph.D. Chief Architect, Cloud

848 views • 68 slides
Large-scale performance monitoring framework for cloud monitoring Run-Time Latency Detection in

Large-scale performance monitoring framework for cloud monitoring Run-Time Latency Detection in

Large-scale performance monitoring framework for cloud monitoring Run-Time Latency Detection in Production Julien Desfossez Michel Dagenais Dcembre 2014 cole Polytechnique de Montreal Latency-tracker Kernel module to track down

524 views • 17 slides

More recommend