Spotlight on Mainframe Security: Data Authenticity and Endpoint Security
|
|
- James Brendan Cooper
- 8 years ago
- Views:
Transcription
1 Spotlight on Mainframe Security: Data Authenticity and Endpoint Security P K W A R E W H I T E P A P E R WP 700.xxxx
2 Table of Contents Cloud Computing and the Mainframe 3 Different Kinds of Clouds and the Mainframe 4 The Cloud and Man-in-the-middle Attacks 4 Defeating Man-in-the-middle Attacks 5 Conclusion 7 2
3 Spotlight on Mainframe Security: Data Authenticity and Endpoint Security Mainframe modernization via Service-Oriented Architecture (SOA) and other means introduces certain risks to the quality and accuracy of data. Even though the mainframe has the most durable protections in the industry, necessary integration with small platform systems in order to provide user productivity interfaces opens the door to man-in-the-middle attacks and other threats far beyond those contemplated in the system s initial design. Market needs for improved operational efficiency and quicker time-to-market compels modernization in all of its forms, particularly through web application integration. IBM clearly recognizes this, as demonstrated in the recent release of the Solution Edition for the IBM System z Enterprise Linux Server. This offering provides a System z10 with no z/os running on it, simply z/vm with SUSE or Red Hat guests. The fact that IBM is packaging a mainframe without its flagship operating system sheds light on the fact that the mainframe is now just another server in your data center, with all the network connectivity, integration points, and risks of any other server. Twenty years ago, the mainframe was liquid-cooled and sat on a raised floor in the data center, physically protected by a series of badge readers with a limited network and well-defined 3270 end points. Now, the air-cooled mainframe can sit on a non-raised floor, serving web pages to anyone on the Internet, anywhere. In fact, more and more organizations are using the mainframe for just that purpose, since it remains superior in regard to Reliability, Availability, and Serviceability (RAS). It also offers efficiencies in power and workload management, when compared to smaller platforms. SOA provides a framework for distributed applications provisioned from the mainframe. No longer are missioncritical applications wholly resident within the protected application space of the traditional mainframe processing environment. Today, applications based on services rely on the Internet, or the internal network of an organization, for access to functions that once were contained within the boundaries of a single machineresident application. This change moves access to applications beyond the data center or organizational perimeter and extends processing capability globally through the spectrum of public, private, and hybrid clouds. Cloud Computing and the Mainframe Cloud computing is a huge buzz word in the industry today; those most experienced and familiar with the mainframe can be justifiably skeptical that a new concept has been introduced. It seems more like a variation of something else that has long existed within mainframe computing. For example, virtualization is not new; it has been around on the mainframe since the late 1960s. On closer inspection by the seasoned mainframe executive, the paradigm of cloud computing seems more of an evolutionary change than the over-hyped revolutionary change touted by some pundits. 3
4 Mainframe modernization, however, is likely to play a big role in cloud computing, as the mainframe already performs many of the services required by effective cloud computing: Software as a Service (SaaS) the application is hosted on the mainframe. Customer Information Control System (CICS) has been doing this for years. In today s paradigm, SaaS usually refers to applications delivered through a browser, which the mainframe ably serves via WebSphere on z/os or zlinux. Infrastructure as a Service (IaaS) a virtual server and storage are provided in a hosted environment, much like you find with guests on z/vm. This is a very common use case with z/os and zlinux. Platform as a Service (PaaS) desktop or server images are provided remotely. As with the previous examples, this concept traces back to the early 1970s mainframe shared computing. PaaS typically includes the development, testing, deployment, and hosting of the service; in contemporary terms it includes development, testing, and deployment over the web, again through z/os and zlinux. Different Kinds of Clouds and the Mainframe How services are provided, and by whom, defines the type of cloud that is being used: public, private, or hybrid cloud. Public Cloud A public cloud is where services are provided outside the organization, hosted by the data center of a third party, on infrastructure that is [almost always] shared by other customers. The provider of the services gains economies of scale that translate into reduced costs to customers, with the offset of reduced direct control. There are many additional advantages of using public cloud services. Organizations may require specific services to meet their business requirements that lie outside their core competencies, such as the customer relationship management automation needs of a hard goods manufacturer. A provider that focuses on delivering those services is going to be better equipped to do so than an organization whose core business is selling finished goods. Enterprises can take advantage of those services, the richness of their functionality, and the lower cost basis public cloud service provides, while still continuing to focus on their core business. Examples of public cloud services include Amazon S3, Google Docs, and Salesforce. Private Cloud A private cloud, then, is defined as cloud services delivered from within the organization s own data center for its own exclusive use. Private cloud provisioning may be somewhat more expensive, but holds the benefits of improved ability to provide higher service levels for availability, reliability, and response time. Hybrid Cloud Hybrid cloud, naturally, refers to implementations integrating both public and private cloud-based application to address a given business need (e.g., public cloud storage integrated with private cloud application support). The Cloud and Man-in-the-middle Attacks Just because an application is hosted in a cloud of any type, however, does not mean that it provides the 4
5 necessary or appropriate security for an organization s sensitive data. It is imperative that mainframe executives understand that this is not an issue restricted to public cloud delivery. Insider threats are so common today that private cloud implementations may represent greater risk. Many of the breaches that we read about are not about outside attackers that are penetrating the perimeter; the attackers are already on the inside of the perimeter where the attack surface is much richer than it is from outside the perimeter. By definition, cloud applications built using SOAs are modular and are composed of many smaller selfcontained components, all combining together to provide integrated application functions. They are distributed with components residing on any number of independent, interconnected machines particularly many PC-based browsers and open server-based applications connecting to the mainframe. This model of application development provides for unprecedented agility and scalability of business functions, extending many of the application development tenants the mainframe has helped to foster. While the benefits of service-oriented applications are leading more and more organizations to adopt servicebased application models, there are new risks associated with distributing application processing over the network. These risks raise new concerns on how to ensure these applications still meet requisite security requirements and are exponentially greater when the network extends to the Internet. Chief among the security concerns is how to retain both application and data integrity between all the distributed components. Distributed applications are particularly susceptible to a type of security vulnerability known as a man-inthe-middle attack. This type of attack can occur whenever there is an exchange of information between applications or application components over a communication link such as a network. Service-oriented applications are more susceptible to this type of attack because the components of an application may reside on separate machines and the data they process may move between machines during normal processing. The attack is implemented when an attacker, through misrepresentation, intercepts or alters the information exchanged between two legitimate process components and either receives information inappropriately or provides false information. The result of this type of attack is that the integrity and, therefore, the legitimacy of the data are compromised. For example, consider a bank clearing application that exchanges bulk files of checks needing to be settled. One component of the application accumulates all the check information, including the payer and the payee information, and then passes it to another component that posts all the necessary debits and credits to all impacted accounts. If a man-in-the-middle intercepts the file from the first component, substitutes his offshore account information in place of the legitimate payee s information, and then passes a still well-formed file to the second component, the attacker might successfully defraud an organization for millions of dollars. Defeating Man-in-the-middle Attacks To prevent against man-in-the-middle attacks, service-oriented applications must provide for authentication of data exchanged between components. This includes verification of the identity of each component on which the application depends, as well as authentication of the data received for processing. A number of validation methods can be utilized to verify the right component is being used. The best method for ensuring the data integrity of application data is through the use of digital signing. A digital signature provides an 5
6 identity between signed data and a Original Data verifiably trusted entity, whether an individual, organization, or application. Digital signing occurs when the full body of data is first passed through a cryptographic hash function to derive a Hashing Algorithm fixed length output. A hash function is a mathematical process for converting an One-way Hash input data set, often of large size, into a unique output value called a message Private Key Encryption Digital Signature digest. The message digest is then encrypted using the signer s private FIGURE 1 DIGITAL SIGNING key. This encrypted message digest then becomes the digital signature. The digital signature and a copy of the signer Original Data certificate are attached to the data. One-way Hash Authentication is performed by using the signer s public key to decrypt the signed Identical Hashes Validate Data Integrity hash. The signed hash is compared to an independently derived hash using Digital Signature Private Key Encryption One-way Hash the same input data and hash function. Contemporary hash functions include SHA-1 and SHA-2, in a variety of bit FIGURE 2 AUTHENTICATING A DIGITAL SIGNATURE strengths. Some service-oriented applications require assurance that the digital signature applied to the data is not only valid, but that it is from the expected digital signer. This provides extra assurance that the data presented is genuine and not only has not been tampered with since the data was signed, but also that the signature was applied by a specific named party. This process is often referred to as trusted authentication. Transaction authentication is well defined and can be achieved through two-factor authentication methods of identifying a user or application. This method is based on something a user has and something they know or something they are. A common example is the use of an X.509 held on a smart card, which many federal agencies require the user must have the smart card and know the passphrase to access the private key on the card before it can be used for decryption or signing. Transaction Verification (TV) is something slightly different; it authenticates the user as it does in Transaction Authentication (TA), but also ensures the integrity of the content of the transaction. What is not well defined is the authentication of data that is passed between applications that is not encapsulated in the transaction itself. When large amounts of data need to be exchanged between applications, the transaction itself usually 6
7 is authenticated; but what about the data? It is important to separate the protection of data privacy (i.e., through encryption) from the protection of the integrity of processing via authentication. Just because data is encrypted does not mean it came from an authenticated source - anyone can encrypt using a public key. For example, data that is collected as part of a mortgage application could be part of a private cloud registration application that assembles a series of forms and documents. This data will then be passed to another pre-approval application in the same private cloud where the data will be reviewed, bound, and sent to an approval application that exists in the public cloud. The bound data is digitally signed and encrypted before it is passed to the approval application in the public cloud. Consider, however, an insider man-in-the-middle attack in the private cloud that altered or tampered with the data between the registration application and the pre-approval application. A significant amount of time might elapse from the time the registration application stages the data for the pre-approval application before it actually processes the data exactly the kind of gap attackers seek. By digitally signing the data between applications, the pre-approval application would be able to determine if the registration data actually came from the registration application. Applications exchanging data in the cloud should digitally sign the data, as well as encrypt it. When the application signs the data with a private key, it ensures the data is protected while at rest; and the receiving application can validate that the data was not altered after the producer of the data digitally signed it. It can also validate that the data did, in fact, come from the trusted producing application. Conclusion The mainframe is a vital component for both backend processing and for web application hosting. Cloud computing meets the need of organizations requiring applications that attain specific cost, flexibility, or control levels. Yes, mainframe executives must take into account the risks of the cloud s distributed architecture and take appropriate actions to address them. While encryption mitigates risks to data privacy in cloud applications, the separate risk of data integrity in terms of both content and source is best addressed through digital signing and trusted authentication. Mainframe applications 20 years ago did not need to be concerned with encryption of data, let alone authentication issues, because there was enough physical and network security to sufficiently mitigate the risks. Mainframe applications today now need to apply the same risk mitigation security precautions as are applied on a Microsoft Windows server. About the Authors Joe Sturonas, Chief Technology Officer, PKWARE, Inc. Joe Sturonas was previously CTO of Premonition Software, as well as Spirian Technologies. He was also a founding member of OneNetPlus.com, an Internet-centric Management Service Provider. Mr. Sturonas holds a MS degree in Computer Science from DePaul University. Jeff Cherrington, Vice President of Product Management, PKWARE, Inc. Jeff Cherrington was previously Vice President at Bank One, Director of Product Management & Consulting Services for WorkPoint, Inc., and has also worked with other top US and international financial services companies. Mr. Cherrington has an Executive MBA degree from the University of Nebraska. 7
8 Distributore Italiano C.H.Ostfeld V.le Zara Milano Tel: PKWARE, Inc. All rights reserved. PKWARE, PKZIP, SecureZIP, and SecureZIP Mail Gateway are trademarks or registered trademarks in the U.S.A. and other countries. Any other trademarks are used for identification purposes only and remain the property of their respective owners. United States 648 N. Plankinton Ave., Suite 220 Milwaukee, WI PKWARE UK/EMEA Crown House 72 Hammersmith Road London W14 8TH United Kingdom ph: +44 (0)
Spotlight on Mainframe Security: Privacy in the Data Center
Spotlight on Mainframe Security: Privacy in the Data Center P K W A R E W H I T E P A P E R WP 700.xxxx Table of Contents Introduction 3 From Terminal Server to Data Server 4 Data-centric Security 5 Considering
More informationEnd-to-End Enterprise Encryption:
End-to-End Enterprise Encryption: A Look at SecureZIP Technology T E C H N I C A L W H I T E P A P E R WP 700.xxxx Table of Contents SecureZIP Executive Summary SecureZIP: The Next Generation of ZIP PKZIP:
More informationSecure your data. Wherever it is, Wherever it goes, However it gets there...on all major platforms. For every user.
Secure your data. Wherever it is, Wherever it goes, However it gets there......on all major platforms. For every user. SecureZIP Product Family SecureZIP products are designed as enterprise-class, data-centric
More informationContingency Access to Enterprise Encrypted Data
T E C H N I C A L W H I T E P A P E R WP 700.xxxx Table of Contents No option to escrow Passphrase protection zseries example Incorporating contingency key in zseries Windows command line example Incorporating
More informationSecurity Inspection Inc. Solutions to secure your network
Security Inspection Inc. TM Solutions to secure your network Secure Cloud Utilization Strategies! responsibilities Out of 127 cloud providers surveyed, a recently released study showed that only 25% of
More informationCloud Courses Description
Cloud Courses Description Cloud 101: Fundamental Cloud Computing and Architecture Cloud Computing Concepts and Models. Fundamental Cloud Architecture. Virtualization Basics. Cloud platforms: IaaS, PaaS,
More informationCloud Courses Description
Courses Description 101: Fundamental Computing and Architecture Computing Concepts and Models. Data center architecture. Fundamental Architecture. Virtualization Basics. platforms: IaaS, PaaS, SaaS. deployment
More informationWhite Paper Delivering Web Services Security: The Entrust Secure Transaction Platform
White Paper Delivering Web Services Security: September 2003 Copyright 2003 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.
More informationThe Private Cloud Your Controlled Access Infrastructure
White Paper: Private Clouds The ongoing debate on the differences between a Public and Private Cloud are broad and often loud. The bottom line is that it s really about how the resource, or computing power,
More informationWhite Paper. From Policy to Practice: A Practical Guide to Implementing HIPAA Security Safeguards
From Policy to Practice: A Practical Guide to Implementing HIPAA Security Safeguards Abstract HIPAA requires a number of administrative, technical, and physical safeguards to protect patient information
More informationTufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao Guocui.gao@tufts.
Tufts University Department of Computer Science COMP 116 Introduction to Computer Security Fall 2014 Final Project Investigating Security Issues in Cloud Computing Guocui Gao Guocui.gao@tufts.edu Mentor:
More informationGuide for Securing E-mail With WISeKey CertifyID Personal Digital Certificate (Personal eid)
The World Internet Security Company Solutions for Security Guide for Securing E-mail With WISeKey CertifyID Personal Digital Certificate (Personal eid) Wherever Security relies on Identity, WISeKey has
More informationIBM Tivoli Federated Identity Manager
IBM Tivoli Federated Identity Manager Employ user-centric federated access management to enable secure online business collaboration Highlights Enhance business-to-business and business-to-consumer collaborations
More informationCLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY
CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY Varun Gandhi 1 Department of Computer Science and Engineering, Dronacharya College of Engineering, Khentawas,
More informationSecurity Considerations for Public Mobile Cloud Computing
Security Considerations for Public Mobile Cloud Computing Ronnie D. Caytiles 1 and Sunguk Lee 2* 1 Society of Science and Engineering Research Support, Korea rdcaytiles@gmail.com 2 Research Institute of
More informationTOP SECRETS OF CLOUD SECURITY
TOP SECRETS OF CLOUD SECURITY Protect Your Organization s Valuable Content Table of Contents Does the Cloud Pose Special Security Challenges?...2 Client Authentication...3 User Security Management...3
More informationWhitePaper. Private Cloud Computing Essentials
Private Cloud Computing Essentials The 2X Private Cloud Computing Essentials This white paper contains a brief guide to Private Cloud Computing. Contents Introduction.... 3 About Private Cloud Computing....
More informationDynamic Security for the Hybrid Cloud
Dynamic Security for the Hybrid Cloud Marc van Zadelhoff, VP Strategy, Marketing and Product Management, IBM Security Nataraj Nagaratnam, Distinguished Engineer and CTO Security Solutions, IBM Security
More informationPublic Key Infrastructure (PKI)
Public Key Infrastructure (PKI) In this video you will learn the quite a bit about Public Key Infrastructure and how it is used to authenticate clients and servers. The purpose of Public Key Infrastructure
More informationcontrolling the risks and costs surrounding dormant vms
Secure Dormant vms Meet Compliance Reduce Costs Simplify it infrastructure controlling the risks and costs surrounding dormant vms Whitepaper Table of Contents Executive Summary...pg 1 Introduction...pg
More informationThe Evolving Threat Landscape and New Best Practices for SSL
The Evolving Threat Landscape and New Best Practices for SSL sponsored by Dan Sullivan Chapter 2: Deploying SSL in the Enterprise... 16 Infrastructure in Need of SSL Protection... 16 Public Servers...
More informationData Storage Security in Cloud Computing
Data Storage Security in Cloud Computing Prashant M. Patil Asst. Professor. ASM s, Institute of Management & Computer Studies (IMCOST), Thane (w), India E_mail: prashantpatil11@rediffmail.com ABSTRACT
More informationCLOUD COMPUTING INTRODUCTION HISTORY
1 CLOUD COMPUTING INTRODUCTION 1. Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over a network (typically the Internet). The name comes from
More informationEfficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms
Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms Radhika G #1, K.V.V. Satyanarayana *2, Tejaswi A #3 1,2,3 Dept of CSE, K L University, Vaddeswaram-522502,
More informationI D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be!
I D C T E C H N O L O G Y S P O T L I G H T S e r ve r S e c u rity: N o t W h a t It U s e d t o Be! December 2014 Adapted from Worldwide Endpoint Security 2013 2017 Forecast and 2012 Vendor Shares by
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationAddressing Data Security Challenges in the Cloud
Addressing Data Security Challenges in the Cloud Coordinate Security. The Need for Cloud Computing Security A Trend Micro White Paper July 2010 I. INTRODUCTION Enterprises increasingly recognize cloud
More informationData Protection: From PKI to Virtualization & Cloud
Data Protection: From PKI to Virtualization & Cloud Raymond Yeung CISSP, CISA Senior Regional Director, HK/TW, ASEAN & A/NZ SafeNet Inc. Agenda What is PKI? And Value? Traditional PKI Usage Cloud Security
More informationAddressing Security for Hybrid Cloud
Addressing Security for Hybrid Cloud Sreekanth Iyer Executive IT Architect IBM Cloud (CTO Office) Email : sreek.iyer@in.ibm.com Twitter: @sreek Blog: http://ibm.co/sreek July 18, 2015 Cloud is rapidly
More informationRE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC
RE Think Invent IT & Business IBM SmartCloud Security Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC 2014 IBM Corporation Some Business Questions Is Your Company is Secure
More informationHow to Turn the Promise of the Cloud into an Operational Reality
TecTakes Value Insight How to Turn the Promise of the Cloud into an Operational Reality By David Talbott The Lure of the Cloud In recent years, there has been a great deal of discussion about cloud computing
More informationHow To Secure Cloud Computing
Next Generation Cloud Computing Issues and Solutions Jeon SeungHwan 1, Yvette E. Gelogo 1 and Byungjoo Park 1 * 1 Department of Multimedia Engineering, Hannam University 133 Ojeong-dong, Daeduk-gu, Daejeon,
More informationqwertyuiopasdfghjklzxcvbnmqwertyui opasdfghjklzxcvbnmqwertyuiopasdfgh jklzxcvbnmqwertyuiopasdfghjklzxcvb nmqwertyuiopasdfghjklzxcvbnmqwer
qwertyuiopasdfghjklzxcvbnmqwertyui opasdfghjklzxcvbnmqwertyuiopasdfgh jklzxcvbnmqwertyuiopasdfghjklzxcvb nmqwertyuiopasdfghjklzxcvbnmqwer Problems Faced by Cloud Computing tyuiopasdfghjklzxcvbnmqwertyuiopas
More informationCLOUD COMPUTING IN HIGHER EDUCATION
Mr Dinesh G Umale Saraswati College,Shegaon (Department of MCA) CLOUD COMPUTING IN HIGHER EDUCATION Abstract Technology has grown rapidly with scientific advancement over the world in recent decades. Therefore,
More informationSecurity Controls for the Autodesk 360 Managed Services
Autodesk Trust Center Security Controls for the Autodesk 360 Managed Services Autodesk strives to apply the operational best practices of leading cloud-computing providers around the world. Sound practices
More informationFundamental Concepts and Models
Fundamental Concepts and Models 1 1. Roles and Boundaries Could provider The organization that provides the cloud based IT resources Cloud consumer An organization (or a human) that has a formal contract
More informationWHITE PAPER AUGUST 2014. Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords
WHITE PAPER AUGUST 2014 Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords 2 WHITE PAPER: PREVENTING SECURITY BREACHES Table of Contents on t Become the Next Headline
More informationCloud Computing Flying High (or not) Ben Roper IT Director City of College Station
Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station What is Cloud Computing? http://www.agent-x.com.au/ Wikipedia - the use of computing resources (hardware and software)
More informationSecurity Architecture Whitepaper
Security Architecture Whitepaper 2015 by Network2Share Pty Ltd. All rights reserved. 1 Table of Contents CloudFileSync Security 1 Introduction 1 Data Security 2 Local Encryption - Data on the local computer
More informationCloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation
Cloud Security Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs peterjopling 2011 IBM Corporation Cloud computing impacts the implementation of security in fundamentally new ways
More informationAuthentication Strategy: Balancing Security and Convenience
Authentication Strategy: Balancing Security and Convenience Today s Identity and Access Security Strategies Are Being Driven by Two Critical Imperatives: Enable business growth by: Quickly deploying new
More informationUsing Entrust certificates with VPN
Entrust Managed Services PKI Using Entrust certificates with VPN Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark or a registered trademark
More informationCLOUD COMPUTING SECURITY ISSUES
CLOUD COMPUTING SECURITY ISSUES Florin OGIGAU-NEAMTIU IT Specialist The Regional Department of Defense Resources Management Studies, Brasov, Romania The term cloud computing has been in the spotlights
More informationA guide for creating a more secure, efficient managed file transfer methodology
Sterling Connect:Direct & SecureZIP A guide for creating a more secure, efficient managed file transfer methodology JOE STURONAS CHIEF TECHNOLOGY OFFICER, PKWARE FORREST RATLIFF SOLUTIONS ENGINEER, PKWARE
More informationChapter 10. Cloud Security Mechanisms
Chapter 10. Cloud Security Mechanisms 10.1 Encryption 10.2 Hashing 10.3 Digital Signature 10.4 Public Key Infrastructure (PKI) 10.5 Identity and Access Management (IAM) 10.6 Single Sign-On (SSO) 10.7 Cloud-Based
More informationCLOUD COMPUTING. A Primer
CLOUD COMPUTING A Primer A Mix of Voices The incredible shrinking CIO CIO Magazine, 2004 IT Doesn t Matter, The cloud will ship service outside the institution and ship power from central IT groups to
More informationCutting Through the Hype: Straight Talk About the Mainframe and Cloud Computing. Straight talk on cloud computing
Glenn Anderson, IBM Lab Services and Training Cutting Through the Hype: Straight Talk About the Mainframe and Cloud Computing Summer SHARE August 2014 Session 15593 Straight talk on cloud computing What
More informationSkoot Secure File Transfer
Page 1 Skoot Secure File Transfer Sharing information has become fundamental to organizational success. And as the value of that information whether expressed as mission critical or in monetary terms increases,
More informationIoT Security Platform
IoT Security Platform 2 Introduction Wars begin when the costs of attack are low, the benefits for a victor are high, and there is an inability to enforce law. The same is true in cyberwars. Today there
More informationyvette@yvetteagostini.it yvette@yvetteagostini.it
1 The following is merely a collection of notes taken during works, study and just-for-fun activities No copyright infringements intended: all sources are duly listed at the end of the document This work
More informationCloud Computing: What IT Professionals Need to Know
Learning Cloud Computing: What IT Professionals Need to Know Cloud computing promises new career opportunities for IT professionals. In many cases, existing core skill sets transfer directly to cloud technologies.
More informationCloud Computing for SCADA
Cloud Computing for SCADA Moving all or part of SCADA applications to the cloud can cut costs significantly while dramatically increasing reliability and scalability. A White Paper from InduSoft Larry
More informationCitrix GoToAssist Service Desk Security
Citrix GoToAssist Service Desk Security Robust end-to-end security measures have been built into the GoToAssist Service Desk architecture to ensure the privacy and integrity of all data. 2 Many service
More informationFidelis XPS Power Tools. Gaining Visibility Into Your Cloud: Cloud Services Security. February 2012 PAGE 1 PAGE 1
Fidelis XPS Power Tools Gaining Visibility Into Your Cloud: Cloud Services Security February 2012 PAGE 1 PAGE 1 Introduction Enterprises worldwide are increasing their reliance on Cloud Service providers
More informationData Centers and Cloud Computing. Data Centers
Data Centers and Cloud Computing Intro. to Data centers Virtualization Basics Intro. to Cloud Computing 1 Data Centers Large server and storage farms 1000s of servers Many TBs or PBs of data Used by Enterprises
More informationHow encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing
More informationEXTENSIVE FEATURE DESCRIPTION SECUNIA CORPORATE SOFTWARE INSPECTOR. Non-intrusive, authenticated scanning for OT & IT environments. secunia.
Non-intrusive, authenticated scanning for OT & IT environments The situation: convenience vs. security Interconnectivity between organizations and corporate networks, the internet and the cloud and thus
More informationPrivyLink Cryptographic Key Server *
WHITE PAPER PrivyLink Cryptographic Key * Tamper Resistant Protection of Key Information Assets for Preserving and Delivering End-to-End Trust and Values in e-businesses September 2003 E-commerce technology
More informationStrong Authentication for Secure VPN Access
Strong Authentication for Secure VPN Access Solving the Challenge of Simple and Secure Remote Access W H I T E P A P E R EXECUTIVE SUMMARY In today s competitive and efficiency-driven climate, organizations
More informationSecurity Issues In Cloud Computing and Countermeasures
Security Issues In Cloud Computing and Countermeasures Shipra Dubey 1, Suman Bhajia 2 and Deepika Trivedi 3 1 Department of Computer Science, Banasthali University, Jaipur, Rajasthan / India 2 Department
More informationUnderstanding and Integrating KODAK Picture Authentication Cameras
Understanding and Integrating KODAK Picture Authentication Cameras Introduction Anyone familiar with imaging software such as ADOBE PHOTOSHOP can appreciate how easy it is manipulate digital still images.
More informationA Study on Secure Electronic Medical DB System in Hospital Environment
A Study on Secure Electronic Medical DB System in Hospital Environment Yvette E. Gelogo 1 and Sungwon Park 2 * 1 Catholic University of Daegu, Daegu, Korea 2 Department of Nursing, Hannam University, 133
More informationIJRSET 2015 SPL Volume 2, Issue 11 Pages: 29-33
CLOUD COMPUTING NEW TECHNOLOGIES 1 Gokul krishnan. 2 M, Pravin raj.k, 3 Ms. K.M. Poornima 1, 2 III MSC (software system), 3 Assistant professor M.C.A.,M.Phil. 1, 2, 3 Department of BCA&SS, 1, 2, 3 Sri
More informationTutorial on Client-Server Architecture
Tutorial on Client-Server Architecture SEEM3430 Information Systems Analysis and Design Pengfei Liu Department of Systems Engineering and Engineering Management The Chinese University of Hong Kong March
More informationA Secure Authenticate Framework for Cloud Computing Environment
A Secure Authenticate Framework for Cloud Computing Environment Nitin Nagar 1, Pradeep k. Jatav 2 Abstract Cloud computing has an important aspect for the companies to build and deploy their infrastructure
More informationKristin Donceel (Kristin_Donceel@be.ibm.com) June 2013. 2013 IBM Corporation
The Story of Cloud and IBM zenterprise - Accelerating Cloud with IBM zenterprise - A secure cloud for data enables enterprises to improve service to their customers Kristin Donceel (Kristin_Donceel@be.ibm.com)
More informationCERTIFICATE PROGRAMME ON CLOUD SPECIALISTS DEVELOPMENT
CERTIFICATE PROGRAMME ON CLOUD SPECIALISTS DEVELOPMENT Present awareness and demands of cloud computing calls for increasing needs of cloud specialists development noticeably worldwide. VMware's Singapore
More informationCloud Computing Security Considerations
Cloud Computing Security Considerations Roger Halbheer, Chief Security Advisor, Public Sector, EMEA Doug Cavit, Principal Security Strategist Lead, Trustworthy Computing, USA January 2010 1 Introduction
More informationCARTES 2012 Demo presentation. Secure Cloud Storage
CARTES 2012 Demo presentation Cloud Computing: NIST Framework Public Private Hybrid Deployment model Infrastructure as a service (IaaS Platform as a service (PaaS) Software as a service (SaaS) Service
More informationINTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY
INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY A PATH FOR HORIZING YOUR INNOVATIVE WORK REVIEW ON MOBILE APPLICATION IN A CLOUD COMPUTING SECURE AND SCALABLE USING CLOUD
More informationCloud Computing. Following the American Psychological Association s Guidelines. Dustin Self. The University of North Texas
Running Head: CLOUD COMPUTING 1 Cloud Computing Following the American Psychological Association s Guidelines Dustin Self The University of North Texas 2 Cloud Computing by Dustin Self ABSTRACT According
More informationCloud Computing. Chapter 1 Introducing Cloud Computing
Cloud Computing Chapter 1 Introducing Cloud Computing Learning Objectives Understand the abstract nature of cloud computing. Describe evolutionary factors of computing that led to the cloud. Describe virtualization
More informationA Mainframe Guy and Cloud Computing
A Mainframe Guy and Cloud Computing Per Fremstad, IBM pensjonist 2 Computing models: A bit of history 1950 s / 60 s / 70 s - Centralized Sharing and reliability Dumb, text-based terminals ----> PC s 1980
More informationCA SiteMinder SSO Agents for ERP Systems
PRODUCT SHEET: CA SITEMINDER SSO AGENTS FOR ERP SYSTEMS CA SiteMinder SSO Agents for ERP Systems CA SiteMinder SSO Agents for ERP Systems help organizations minimize sign-on requirements and increase security
More informationKeyword: Cloud computing, service model, deployment model, network layer security.
Volume 4, Issue 2, February 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com An Emerging
More informationEnsuring High Service Levels for Public Cloud Deployments Keys to Effective Service Management
Ensuring High Service Levels for Public Cloud Deployments Keys to Effective Service Management Table of Contents Executive Summary... 3 Introduction: Cloud Deployment Models... 3 Private Clouds...3 Public
More informationSecurity Model for VM in Cloud
Security Model for VM in Cloud 1 Venkataramana.Kanaparti, 2 Naveen Kumar R, 3 Rajani.S, 4 Padmavathamma M, 5 Anitha.C 1,2,3,5 Research Scholars, 4Research Supervisor 1,2,3,4,5 Dept. of Computer Science,
More informationLauraʹs Corner The CLEVER Solution: Working with Encrypted Data
Page 1 of 5 CLEVER Solutions Empowering Global Enterprise Case Study: Working with Encrypted Data Most IT organizations moving to cloud based, Big Data, and/or highly virtualized service management infrastructures
More informationA COALFIRE PERSPECTIVE. Moving to the Cloud. NCHELP Spring Convention Panel May 2012
A COALFIRE PERSPECTIVE Moving to the Cloud A Summary of Considerations for Implementing Cloud Migration Plans into New Business Platforms NCHELP Spring Convention Panel May 2012 DALLAS DENVER LOS ANGELES
More informationSecure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services
Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013
More informationAN INVESTIGATION OF SECURITY THEME FOR CLOUD COMPUTING
AN INVESTIGATION OF SECURITY THEME FOR CLOUD COMPUTING Mrs. J. Pavithra 1 Mr. A. Naveen 2 1 (MRIT, Hyderabad, India, jpav23@gmail.com) 2 (Asst. Professor, MRIT, Hyderabad, India, a.naveen21@gmail.com)
More informationPKWARE Inc. 648 N. Plankinton Ave. Suite # 220 Milwaukee, WI 53203 USA. www.pkware.com. Main Phone: 414.289.9788 Fax: 414.289.9789
2011FAAI T/ I SS PARTNERSHI PANDTRAI NI NGCONFERENCE S e c u r e Z I P f o r Wi n d o ws De s k t o pt r a i n i n gma n u a l T i p s f o r u s i n gs e c u r e Z I Pf o r Wi n d o ws De s k t o pv 1
More informationCLOUD COMPUTING An Overview
CLOUD COMPUTING An Overview Abstract Resource sharing in a pure plug and play model that dramatically simplifies infrastructure planning is the promise of cloud computing. The two key advantages of this
More informationCLOUD COMPUTING AND ITS SECURITY ASPECTS
CLOUD COMPUTING AND ITS SECURITY ASPECTS Subhash Basishtha 1, Saptarshi Boruah 2 1 Department of Information Technology, Assam University, Silchar-788011, India 2 Department of Information Technology,
More informationOverview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin
Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director
More informationEnterprise effectiveness of digital certificates: Are they ready for prime-time?
Enterprise effectiveness of digital certificates: Are they ready for prime-time? by Jim Peterson As published in (IN)SECURE Magazine issue 22 (September 2009). www.insecuremag.com www.insecuremag.com 1
More informationData Centers and Cloud Computing. Data Centers. MGHPCC Data Center. Inside a Data Center
Data Centers and Cloud Computing Intro. to Data centers Virtualization Basics Intro. to Cloud Computing Data Centers Large server and storage farms 1000s of servers Many TBs or PBs of data Used by Enterprises
More informationAdvanced Service Desk Security
Advanced Service Desk Security Robust end-to-end security measures have been built into the GoToAssist Service Desk architecture to ensure the privacy and integrity of all data. gotoassist.com Many service
More informationSECURITY ARCHITECTURE FOR MOBILE CLOUD COMPUTING
SECURITY ARCHITECTURE FOR MOBILE CLOUD COMPUTING Ali Newaz Bahar 1*, Md. Ahsan Habib 2, Md. Manowarul Islam 3 1, 2, 3 Department of Information and Communication Technology, Mawlana Bhashani Science and
More informationConsolidated security management for mainframe clouds
Security Thought Leadership White Paper February 2012 Consolidated security management for mainframe clouds Leveraging the mainframe as a security hub for cloud-computing environments 2 Consolidated security
More informationhyperguard Defining a dwaf to secure cloud applications By Alexander Meisel, CTO and Co-Founder
1 Whitepaper hyperguard Defining a dwaf to secure cloud applications By Alexander Meisel, CTO and Co-Founder Whitepaper Safety in the Cloud(s): Vaporizing the Web Application Firewall to Secure Cloud Computing
More informationSecure Data Exchange Solution
Secure Data Exchange Solution I. CONTENTS I. CONTENTS... 1 II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. SECURE DOCUMENT EXCHANGE SOLUTIONS... 3 INTRODUCTION... 3 Certificates
More informationSECURE YOUR DATA EXCHANGE WITH SAFE-T BOX
SECURE YOUR DATA EXCHANGE SAFE-T BOX WHITE PAPER Safe-T. Smart Security Made Simple. 1 The Costs of Uncontrolled Data Exchange 2 Safe-T Box Secure Data Exchange Platform 2.1 Business Applications and Data
More informationData Integrity by Aes Algorithm ISSN 2319-9725
Data Integrity by Aes Algorithm ISSN 2319-9725 Alpha Vijayan Nidhiya Krishna Sreelakshmi T N Jyotsna Shukla Abstract: In the cloud computing, data is moved to a remotely located cloud server. Cloud will
More informationPublic Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.
Public Clouds Krishnan Subramanian Analyst & Researcher Krishworld.com A whitepaper sponsored by Trend Micro Inc. Introduction Public clouds are the latest evolution of computing, offering tremendous value
More informationLecture 02a Cloud Computing I
Mobile Cloud Computing Lecture 02a Cloud Computing I 吳 秀 陽 Shiow-yang Wu What is Cloud Computing? Computing with cloud? Mobile Cloud Computing Cloud Computing I 2 Note 1 What is Cloud Computing? Walking
More informationRSA Digital Certificate Solution
RSA Digital Certificate Solution Create and strengthen layered security Trust is a vital component of modern computing, whether it is between users, devices or applications in today s organizations, strong
More information