Usage Control in Cloud Systems

Size: px
Start display at page:

Download "Usage Control in Cloud Systems"

Transcription

1 Usage Control in Cloud Systems Paolo Mori Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche Pisa Italy

2 Agenda Examples of usage of Cloud services Usage Control Model Policy Language Authorization system architecture Integration with OpenNebula and CONTRAIL Cloud Federation

3 Cloud Security Most of the well-known security issues of IT systems are still valid in the Cloud New security issues due to Cloud peculiarities Users Cloud services providers Reports on Cloud Security CSA NIST ENISA...

4 Examples of usage of IaaS Cloud A researcher creates a new Virtual Machine to manage the SVN of each new project he starts NESSoS project users create a new Virtual Machine on the NESSoS Cloud Execution Environment to develope their applications using NESSoS Eclipse development tools

5 Examples of usage of IaaS Cloud A researcher creates a new Virtual Machine to manage the SVN of each new project he starts 1 3 years NESSoS project users create a new Virtual Machine on the NESSoS Cloud Execution Environment to develope their applications using NESSoS Eclipse development tools 6 months g n i t s a es l g ss n lo cce a

6 Other examples of Cloud usage CONTRAIL project use cases: Distributed Provisioning of Geo-referentiated Data Multimedia Processing Service MarketPlace Real-Time Scientific Data Analysis Electronic Drug Discovery g n i t as es l g ss n lo cce a

7 IaaS Cloud Accesses IMG usage VM usage Time Start VM Create IMG Stop VM Delete IMG

8 Authorization of Long Lasting Accesses

9 Usage Control Model Defined by R. Sandhu et. al. The UCON Usage Control Model. ACM Trans. on Information and System Security, 7(1), 2004 Formal Model and Policy Specification of Usage Control. ACM Trans. on Information and System Security, 8(4), 2005 Towards a Usage-Based Security Framework for Collaborative Computing Systems. ACM Trans. on Information and System Security, 11(1), Main novelties New decision factors: Obligations and Conditions Mutability of Attributes Continuity of Policy Enforcement

10 Usage Control Model Defined by R. Sandhu et. al. The UCON Usage Control Model. ACM Trans. on Information and System Security, 7(1), 2004 Formal Model and Policy Specification of Usage Control. ACM Trans. on Information and System Security, 8(4), 2005 Towards a Usage-Based Security Framework for Collaborative Computing Systems. ACM Trans. on Information and System Security, 11(1), Main novelties New decision factors: Obligations and Conditions Mutability of Attributes Continuity of Policy Enforcement

11 Mutable Attributes Change their value frequently, as a consequence of the decision process Paired with users and resources Examples: Reputation of users: changes as a consequence of the accesses performed by the user Workload of systems: changes when new applications are started and when running applications are terminated

12 Continuity of Policy Enforcement The decisions process is done continuously (OnGoing decision) while the access right is exercised, and the access is interrupted when the right does not hold any more Examples: OnGoing Authorization: the right of accessing a resource is granted as long as the reputation of the user is GOOD. OnGoing Obligation: the right of accessing a resource is granted as long as the user keeps an advertisement window opened.

13 Access VS Usage Control Continuity of decision Decision Pre decision Access request Usage Ongoing decision end begin Before usage Usage After usage Mutability of attributes Attr. update Pre update Ongoing update Post update Time

14 Access VS Usage Control Traditional Access Control Continuity of decision Decision Pre decision Access request Usage Ongoing decision end begin Before usage Usage After usage Mutability of attributes Attr. update Pre update Ongoing update Post update Time

15 Access VS Usage Control Continuity of decision Decision Pre decision Access request Usage Ongoing decision revocation begin Before usage Usage After usage Mutability of attributes Attr. update Pre update Ongoing update Post update Time

16 Why Usage Control in Cloud? Accesses to some resources are long-lasting (hours, days,..) e.g., Virtual Machines in IaaS model The factors that granted the access when it was requested could change while the access is in progress User's reputation could decrease Workload of resources could change... The policy should be re-evaluated every time factors change An access that is in progress could be interrupted

17 Example of Usage Control Policies In natural language: Users with role RegisteredUser can run Virtual Machines as long as their reputation is equal or higher than GOOD Users with role Guest can run Virtual Machines as long as the overall workload is lower than HIGH and their reputation is equal to VERYGOOD

18 Security Policy Language

19 UCON XACML Security Policy Language XACML is a widely used standard for expressing security policies NIST recommends its use for authorization in Cloud We extended XACML to implement UCON features: Attributes update Continuous control Preliminary work: A proposal on enhancing XACML with continuous usage control features. CoreGrid ERCIM WG Workshop on Grids, P2P and Service Computing, 2009

20 Example of UCON-XACML policy

21 Usage Control System

22 XACML Reference Architecture Access Control System access req PEP PEP PEP permit/deny Context handler PDP PAP PIP

23 Usage Control System Extension of the XACML reference architecture to deal with continuous policy enforcement: PEPs intercept END of accesses (besides access requests) Session Manager (new component) keeps trace of accesses in progress PIP monitors mutable attributes Triggers the re-evaluation of the security policy PDP revokes ongoing accesses

24 Usage Control System Architecture Usage Control System Session Manager try access permit/deny PEP PEP PEP revoke access end access Context handler PDP PAP PIP

25 Prototypes 1)Extension of support authorization Resources: VMs 2)CONTRAIL project: integration with Cloud Federation manager Resources: applications (set of VMs running on distinct Cloud providers)

26 Integration with OpenNebula Usage Control System Authz Driver Session Manager PEP Core PEP Context handler Hook Manager PEP PDP PAP PIP

27 Design, implement, validate and promote an open source software stack for Cloud federations Develop a comprehensive Cloud platform integrating a full IaaS and PaaS offer Advanced SLA management Advanced security support Federated authentication Usage Control

28 Usage Control System Performance Ongoing accesses revocation resources per provider 5 resources per provider Time (ms) Number of providers

29 Papers A. Lazouski, G. Mancini F. Martinelli, P. Mori: Usage Control in Cloud Systems. In Procedings of The 3rd International workshop on Cloud Applications and Security (CAS 12), IEEE Computer Society (2012) A. Lazouski, F. Martinelli, P. Mori: A Prototype for Enforcing Usage Control Policies Based on XACML. In Proceedings of the 9th International Conference on Trust, Privacy and Security in Digital Business (TrustBus'12), LNCS 7449, Springer (2012) L. Krautsevich, A. Lazouski, F. Martinelli, P. Mori, A. Yautsiukhin: Integration of Quantitative Methods for Risk Evaluation within Usage Control Policies. In Procedings of International Conference on Computer Communications and Networks (ICCCN2013) (2013)

30 EU Projects Network of Excellence on Engineering Secure Future Internet Software Service and System Oct 2010 apr 2014 Open Computing Infrastructures for elastic Services Oct 2010 feb 2014 Confidential and Compliant Clouds Nov 2013 oct 2016

31 Thank you!! Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche Pisa Italy

32 UCON-XACML Policy Schema

QoS Resource Management for Cloud Federations

QoS Resource Management for Cloud Federations QoS Resource Management for Cloud Federations Gaetano F. Anastasi National Council of Research (CNR), Pisa, Italy Pisa, June 16th, 2014 gaetano.anastasi@isti.cnr.it QoS Management for Cloud Federations

More information

PoS(ISGC 2012)019. The CONTRAIL approach to Cloud Federations. Massimo Coppola, Patrizio Dazzi. Aliaksandr Lazouski, Fabio Martinelli, Paolo Mori

PoS(ISGC 2012)019. The CONTRAIL approach to Cloud Federations. Massimo Coppola, Patrizio Dazzi. Aliaksandr Lazouski, Fabio Martinelli, Paolo Mori Massimo Coppola, Patrizio Dazzi Istituto di Scienza e Tecnologie dell Informazione Consiglio Nazionale delle Ricerche Pisa, Italy Aliaksandr Lazouski, Fabio Martinelli, Paolo Mori Istituto di Informatica

More information

Access Control of Cloud Service Based on UCON

Access Control of Cloud Service Based on UCON Access Control of Cloud Service Based on UCON Chen Danwei, Huang Xiuli, and Ren Xunyi Nanjing University of posts & Telecommunications, New Model Street No.66, 210003, Nanjing, China chendw@njupt.edu.cn,

More information

XtreemOS and Cloud Computing Alvaro Arenas E-Science Centre Science and Technologies Facilities Council, UK XtreemOS in a Nutshell An open source Linux-based Grid Operating System with native VO support

More information

Private Cloud Database Consolidation with Exadata. Nitin Vengurlekar Technical Director/Cloud Evangelist

Private Cloud Database Consolidation with Exadata. Nitin Vengurlekar Technical Director/Cloud Evangelist Private Cloud Database Consolidation with Exadata Nitin Vengurlekar Technical Director/Cloud Evangelist Agenda Private Cloud vs. Public Cloud Business Drivers for Private Cloud Database Architectures for

More information

The European Platform in Network and Information Security (NIS) Fabio Martinelli

The European Platform in Network and Information Security (NIS) Fabio Martinelli The European Platform in Network and Information Security (NIS) Fabio Martinelli Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche IIT-CNR, Pisa, Italy Cyber security directive -

More information

Cloud Federations in Contrail

Cloud Federations in Contrail Cloud Federations in Contrail Emanuele Carlini 1,3, Massimo Coppola 1, Patrizio Dazzi 1, Laura Ricci 1,2, GiacomoRighetti 1,2 " 1 - CNR - ISTI, Pisa, Italy" 2 - University of Pisa, C.S. Dept" 3 - IMT Lucca,

More information

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com Introduction to Cloud Computing Srinath Beldona srinath_beldona@yahoo.com Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?

More information

Parametric Attack Graph Construction and Analysis

Parametric Attack Graph Construction and Analysis Parametric Attack Graph Construction and Analysis Leanid Krautsevich Department of Computer Science, University of Pisa Largo Bruno Pontecorvo 3, Pisa 56127, Italy Istituto di Informatica e Telematica,

More information

goberlin a Trusted Cloud Marketplace for Governmental and Commercial Services

goberlin a Trusted Cloud Marketplace for Governmental and Commercial Services goberlin a Trusted Cloud Marketplace for Governmental and Commercial Services Data Protection and Security Considerations in an egovernment Cloud in Germany Dr. Klaus-Peter Eckert Public Sector Cloud Forum

More information

Seed4C: A Cloud Security Infrastructure validated on Grid 5000

Seed4C: A Cloud Security Infrastructure validated on Grid 5000 Seed4C: A Cloud Security Infrastructure validated on Grid 5000 E. Caron 1, A. Lefray 1, B. Marquet 2, and J. Rouzaud-Cornabas 1 1 Université de Lyon. LIP Laboratory. UMR CNRS - ENS Lyon - INRIA - UCBL

More information

Access Control Framework of Personal Cloud based on XACML

Access Control Framework of Personal Cloud based on XACML Access Control Framework of Personal Cloud based on XACML 1 Jun-Young Park, 2 Young-Rok Shin, 3 Kyoung-Hun Kim, 4 Eui-Nam Huh 1First Author, 2 Kyung Hee University, {parkhans, shinyr}@khu.ac.kr 3 Gangdong

More information

Software Design Specification (SDS)

Software Design Specification (SDS) Website: http://ais.seecs.nust.edu.pk/ E-mail: ais.kth@seecs.edu.pk Software Design Specification (SDS) Extensible Access Control Framework for Cloud Based Applications (National ICT R&D Funded Project)

More information

Dynamic Access Control Infrastructure for On-demand Provisioned Cloud Services

Dynamic Access Control Infrastructure for On-demand Provisioned Cloud Services Dynamic Access Control Infrastructure for On-demand Provisioned Cloud Services Canh Ngo SNE Group, University of Amsterdam OGF-ISOD 33 September 19-21, 2011 Lyon, 2011 Agenda Introduction Scenario Motivation

More information

Toward a Usage-Based Security Framework for Collaborative Computing Systems

Toward a Usage-Based Security Framework for Collaborative Computing Systems Toward a Usage-Based Security Framework for Collaborative Computing Systems XINWEN ZHANG Samsung Information Systems America MASAYUKI NAKAE NEC Corporation MICHAEL J. COVINGTON Intel Corporation and RAVI

More information

DEMO: Enforcing Security Policies on JVM

DEMO: Enforcing Security Policies on JVM DEMO: Enforcing Security Policies on JVM Paolo Mori Istituto di Informatica e Telematica CNR - Pisa - Italy Outline Fine-grained & History-based access control Credential-based access control Security

More information

Dynamic Resource management with VM layer and Resource prediction algorithms in Cloud Architecture

Dynamic Resource management with VM layer and Resource prediction algorithms in Cloud Architecture Dynamic Resource management with VM layer and Resource prediction algorithms in Cloud Architecture 1 Shaik Fayaz, 2 Dr.V.N.Srinivasu, 3 Tata Venkateswarlu #1 M.Tech (CSE) from P.N.C & Vijai Institute of

More information

Cloud Security Introduction and Overview

Cloud Security Introduction and Overview Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious

More information

Secure Identity in Cloud Computing

Secure Identity in Cloud Computing Secure Identity in Cloud Computing Michelle Carter The Aerospace Corporation March 20, 2013 The Aerospace Corporation 2013 All trademarks, service marks, and trade names are the property of their respective

More information

Cloud Computing Standards: Overview and ITU-T positioning

Cloud Computing Standards: Overview and ITU-T positioning ITU Workshop on Cloud Computing (Tunis, Tunisia, 18-19 June 2012) Cloud Computing Standards: Overview and ITU-T positioning Dr France Telecom, Orange Labs Networks & Carriers / R&D Chairman ITU-T Working

More information

A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services

A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services Ronnie D. Caytiles and Byungjoo Park * Department of Multimedia Engineering, Hannam University

More information

21/09/11. Introduction to Cloud Computing. First: do not be scared! Request for contributors. ToDO list. Revision history

21/09/11. Introduction to Cloud Computing. First: do not be scared! Request for contributors. ToDO list. Revision history Request for contributors Introduction to Cloud Computing https://portal.futuregrid.org/contrib/cloud-computing-class by various contributors (see last slide) Hi and thanks for your contribution! If you

More information

Bringing Cloud Security Down to Earth. Andreas M Antonopoulos Senior Vice President & Founding Partner www.nemertes.com

Bringing Cloud Security Down to Earth. Andreas M Antonopoulos Senior Vice President & Founding Partner www.nemertes.com Bringing Cloud Security Down to Earth Andreas M Antonopoulos Senior Vice President & Founding Partner www.nemertes.com Agenda About Nemertes Cloud Dynamics and Adoption Assessing Risk of Cloud Services

More information

Towards a New Model for the Infrastructure Grid

Towards a New Model for the Infrastructure Grid INTERNATIONAL ADVANCED RESEARCH WORKSHOP ON HIGH PERFORMANCE COMPUTING AND GRIDS Cetraro (Italy), June 30 - July 4, 2008 Panel: From Grids to Cloud Services Towards a New Model for the Infrastructure Grid

More information

An Introduction to Virtualization and Cloud Technologies to Support Grid Computing

An Introduction to Virtualization and Cloud Technologies to Support Grid Computing New Paradigms: Clouds, Virtualization and Co. EGEE08, Istanbul, September 25, 2008 An Introduction to Virtualization and Cloud Technologies to Support Grid Computing Distributed Systems Architecture Research

More information

SAFAX. Administrator Manual. TU/e Security Group. User Management Statistics Issues Register Service

SAFAX. Administrator Manual. TU/e Security Group. User Management Statistics Issues Register Service 2015 SAFAX User Management Statistics Issues Register Service TU/e Security Group Table of Contents Introduction... 2 List of Acronyms and Definitions... 3 List of Acronyms... 3 List of Definitions...

More information

Cloud Computing Governance & Security. Security Risks in the Cloud

Cloud Computing Governance & Security. Security Risks in the Cloud Cloud Computing Governance & Security The top ten questions you have to ask Mike Small CEng, FBCS, CITP Fellow Analyst, KuppingerCole This Webinar is supported by Agenda What is the Problem? Ten Cloud

More information

Cloud Computing An Introduction

Cloud Computing An Introduction Cloud Computing An Introduction Distributed Systems Sistemi Distribuiti Andrea Omicini andrea.omicini@unibo.it Dipartimento di Informatica Scienza e Ingegneria (DISI) Alma Mater Studiorum Università di

More information

A Strawman Model. NIST Cloud Computing Reference Architecture and Taxonomy Working Group. January 3, 2011

A Strawman Model. NIST Cloud Computing Reference Architecture and Taxonomy Working Group. January 3, 2011 A Strawman Model NIST Cloud Computing Reference Architecture and Taxonomy Working Group January 3, 2011 Objective Our objective is to define a neutral architecture consistent with NIST definition of cloud

More information

Cloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University

Cloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University Cloud Computing: Opportunities, Challenges, and Solutions Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University What is cloud computing? What are some of the keywords? How many of you cannot

More information

Infrastructure as a Service (IaaS)

Infrastructure as a Service (IaaS) Infrastructure as a Service (IaaS) (ENCS 691K Chapter 4) Roch Glitho, PhD Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ References 1. R. Moreno et al.,

More information

Managing and Analyzing Changes of Security Policies

Managing and Analyzing Changes of Security Policies A Framework for Managing and Analyzing Changes of Security Policies Achim D. Brucker Helmut Petritsch {achim.brucker, helmut.petritsch}@sap.com SAP esearch Karlsruhe Germany IEEE International Symposium

More information

Federated authorization for SaaS applications

Federated authorization for SaaS applications Federated authorization for SaaS applications Maarten Decat, Bert Lagaisse, Wouter Joosen IBBT-DistriNet, KU Leuven, 3001 Leuven, Belgium Abstract. With Software-as-a-Service (SaaS), a centrally hosted

More information

ANDREW HERTENSTEIN Manager Microsoft Modern Datacenter and Azure Solutions En Pointe Technologies Phone 317-362-1213

ANDREW HERTENSTEIN Manager Microsoft Modern Datacenter and Azure Solutions En Pointe Technologies Phone 317-362-1213 ANDREW HERTENSTEIN Manager Microsoft Modern Datacenter and Azure Solutions En Pointe Technologies Phone 317-362-1213 Application Compatibility Many organizations have business critical or internally

More information

Work in Progress on Cloud Computing in Myriads Team and Contrail European Project Christine Morin, Inria

Work in Progress on Cloud Computing in Myriads Team and Contrail European Project Christine Morin, Inria Potential collaboration talk Work in Progress on Cloud Computing in Myriads Team and Contrail European Project Christine Morin, Inria Design and implementation of autonomous distributed systems Internet

More information

Federated Community Cloud Team Report

Federated Community Cloud Team Report Federated Community Cloud Team Report Requirement 5: Frameworks to support seamless implementation of federated community cloud environments Alan F. Sill, Ph.D. Vice President of Standards, Open Grid Forum

More information

Working Group on. First Working Group Meeting 29.5.2012

Working Group on. First Working Group Meeting 29.5.2012 Working Group on Cloud Security and Privacy (WGCSP) First Working Group Meeting 29.5.2012 1 Review of fexisting i Standards d and Best Practices on Cloud Security Security Standards and Status List of

More information

Entitlements Access Management for Software Developers

Entitlements Access Management for Software Developers Entitlements Access Management for Software Developers Market Environment The use of fine grained entitlements and obligations control for access to sensitive information and services in software applications

More information

Open Data Center Alliance Usage: Identity Management Interoperability Guide rev. 1.0

Open Data Center Alliance Usage: Identity Management Interoperability Guide rev. 1.0 sm Open Data Center Alliance Usage: Identity Interoperability Guide rev. 1.0 Open Data Center Alliance Usage: Identity Interoperability Guide Rev. 1.0 Table of Contents Legal Notice... 3 Executive Summary...

More information

Software and Cloud Security

Software and Cloud Security 1 Lecture 12: Software and Cloud Security 2 Lecture 12 : Software and Cloud Security Subjects / Topics : 1. Standard ISO/OSI security services 2. Special problems, specific for software components and

More information

Georgiana Macariu, Dana Petcu, CiprianCraciun, Silviu Panica, Marian Neagul eaustria Research Institute Timisoara, Romania

Georgiana Macariu, Dana Petcu, CiprianCraciun, Silviu Panica, Marian Neagul eaustria Research Institute Timisoara, Romania Open source API and platform for heterogeneous Cloud computing environments Georgiana Macariu, Dana Petcu, CiprianCraciun, Silviu Panica, Marian Neagul eaustria Research Institute Timisoara, Romania Problem

More information

Cloud and Virtualization to Support Grid Infrastructures

Cloud and Virtualization to Support Grid Infrastructures ESAC GRID Workshop '08 ESAC, Villafranca del Castillo, Spain 11-12 December 2008 Cloud and Virtualization to Support Grid Infrastructures Distributed Systems Architecture Research Group Universidad Complutense

More information

INTRODUCTION & CONCEPTS. Definition of Cloud Computing Service Models Deployment Models... 23

INTRODUCTION & CONCEPTS. Definition of Cloud Computing Service Models Deployment Models... 23 Contents I INTRODUCTION & CONCEPTS 17 1 Introduction to Cloud Computing 19 11 Introduction 111 Definition of Cloud Computing 20 12 Characteristics of Cloud Computing 20 13 Cloud Models 22 131 132 Service

More information

Introduction to Cloud Computing

Introduction to Cloud Computing Institute of Informatics - UFRGS September 2013 Outline Virtualization References Mell, P., & Grance, T. (2011). The NIST denition of cloud computing (draft).nist special publication, 800, 145. Bojanova,

More information

Security Challenges of Cloud Providers ( Wie baue ich sichere Luftschlösser in den Wolken )

Security Challenges of Cloud Providers ( Wie baue ich sichere Luftschlösser in den Wolken ) 23.11.2015 Jan Philipp Manager, Cyber Risk Services Enterprise Architect Security Challenges of Cloud Providers ( Wie baue ich sichere Luftschlösser in den Wolken ) Purpose today Introduction» Who I am

More information

Proactively Secure Your Cloud Computing Platform

Proactively Secure Your Cloud Computing Platform Proactively Secure Your Cloud Computing Platform Dr. Krutartha Patel Security Engineer 2010 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals Agenda 1 Cloud

More information

Secure Data Sharing and Processing in Heterogeneous Clouds. Bojan Suzic, Graz University of Technology

Secure Data Sharing and Processing in Heterogeneous Clouds. Bojan Suzic, Graz University of Technology Secure Data Sharing and Processing in Heterogeneous Clouds Bojan Suzic, Graz University of Technology 1 Presentation Outline SUNFISH Project Cloud Service for Public Administration Practical Approach Data

More information

Future of Cloud Computing. Irena Bojanova, Ph.D. UMUC, NIST

Future of Cloud Computing. Irena Bojanova, Ph.D. UMUC, NIST Future of Cloud Computing Irena Bojanova, Ph.D. UMUC, NIST No Longer On The Horizon Essential Characteristics On-demand Self-Service Broad Network Access Resource Pooling Rapid Elasticity Measured Service

More information

A Runtime Monitoring Environment for Mobile Java

A Runtime Monitoring Environment for Mobile Java A Runtime Monitoring Environment for Mobile Java Fabio Martinelli Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche Pisa, Italy fabio.martinelli@iit.cnr.it Thomas Quillinan Vrije

More information

Cloud Computing. What Are We Handing Over? Ganesh Shankar Advanced IT Core Pervasive Technology Institute

Cloud Computing. What Are We Handing Over? Ganesh Shankar Advanced IT Core Pervasive Technology Institute Cloud Computing What Are We Handing Over? Ganesh Shankar Advanced IT Core Pervasive Technology Institute Why is the Cloud Relevant to In the current research workflow. Medical Research? Data volumes are

More information

Healthcare Data in the Cloud A Gathering Storm of Governance. Erik Pupo Senior Manager, Deloitte

Healthcare Data in the Cloud A Gathering Storm of Governance. Erik Pupo Senior Manager, Deloitte Healthcare Data in the Cloud A Gathering Storm of Governance Erik Pupo Senior Manager, Deloitte Objectives for this Webinar Explain what the healthcare cloud really means Highlight emerging challenges

More information

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Strategic Compliance & Securing the Cloud Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Complexity and Challenges 2 Complexity and Challenges Compliance Regulatory entities

More information

Cloud deployment model and cost analysis in Multicloud

Cloud deployment model and cost analysis in Multicloud IOSR Journal of Electronics and Communication Engineering (IOSR-JECE) ISSN: 2278-2834, ISBN: 2278-8735. Volume 4, Issue 3 (Nov-Dec. 2012), PP 25-31 Cloud deployment model and cost analysis in Multicloud

More information

Cloud Database Demystified to Deliver SaaS Customer Value

Cloud Database Demystified to Deliver SaaS Customer Value Cloud Database Demystified to Deliver SaaS Customer Value 2 The business of Cloud Savvis ranks as a leader Magic Quadrant for Cloud Infrastructure-as-a-Service and Web Hosting The Magic Quadrant is copyrighted

More information

Cloud computing opens new perspectives for hosting

Cloud computing opens new perspectives for hosting ConPaaS: a Platform for Hosting Elastic Cloud Applications Guillaume Pierre Corina Stratan Vrije Universiteit Amsterdam Cloud computing opens new perspectives for hosting applications. From an application

More information

Introduction to Cloud Computing - 02

Introduction to Cloud Computing - 02 Introduction to Cloud Computing - 02 Iván Carrera Institute of Informatics - UFRGS September 2013 Outline Platform as a Service Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS

More information

ITU- T Focus Group Cloud Compu2ng

ITU- T Focus Group Cloud Compu2ng ITU- T Focus Group Cloud Compu2ng International Telecommunication Union 1 ITU-T FG Cloud Management & Structure Management team: Chairman: Victor Kutukov (Russia) Vice-Chairman: Jamil Chawki (France Telecom

More information

International Journal of Scientific & Engineering Research, Volume 6, Issue 5, May-2015 1681 ISSN 2229-5518

International Journal of Scientific & Engineering Research, Volume 6, Issue 5, May-2015 1681 ISSN 2229-5518 International Journal of Scientific & Engineering Research, Volume 6, Issue 5, May-2015 1681 Software as a Model for Security in Cloud over Virtual Environments S.Vengadesan, B.Muthulakshmi PG Student,

More information

Cloud Computing with Azure PaaS for Educational Institutions

Cloud Computing with Azure PaaS for Educational Institutions International Journal of Information and Computation Technology. ISSN 0974-2239 Volume 4, Number 2 (2014), pp. 139-144 International Research Publications House http://www. irphouse.com /ijict.htm Cloud

More information

Permanent Link: http://espace.library.curtin.edu.au/r?func=dbin-jump-full&local_base=gen01-era02&object_id=154091

Permanent Link: http://espace.library.curtin.edu.au/r?func=dbin-jump-full&local_base=gen01-era02&object_id=154091 Citation: Alhamad, Mohammed and Dillon, Tharam S. and Wu, Chen and Chang, Elizabeth. 2010. Response time for cloud computing providers, in Kotsis, G. and Taniar, D. and Pardede, E. and Saleh, I. and Khalil,

More information

Cloud Infrastructure Pattern

Cloud Infrastructure Pattern 1 st LACCEI International Symposium on Software Architecture and Patterns (LACCEI-ISAP-MiniPLoP 2012), July 23-27, 2012, Panama City, Panama. Cloud Infrastructure Pattern Keiko Hashizume Florida Atlantic

More information

Information Security Management System for Cloud Computing

Information Security Management System for Cloud Computing ICT Innovations 2011 Web Proceedings ISSN 1857-7288 49 Information Security Management System for Cloud Computing Sashko Ristov, Marjan Gushev, and Magdalena Kostoska Ss. Cyril and Methodius University

More information

SAFAX. External Clients. TU/e Security Group

SAFAX. External Clients. TU/e Security Group 2016 SAFAX Policy Evaluation Deploy Policy TU/e Security Group Table of Contents Introduction... 2 List of Acronyms and Definitions... 3 List of Acronyms... 3 List of Definitions... 3 General Steps...

More information

Extended RBAC Based Design and Implementation for a Secure Data Warehouse

Extended RBAC Based Design and Implementation for a Secure Data Warehouse Extended RBAC Based Design and Implementation for a Data Warehouse Dr. Bhavani Thuraisingham The University of Texas at Dallas bhavani.thuraisingham@utdallas.edu Srinivasan Iyer The University of Texas

More information

Digital Policy Management Framework for Attribute-Based Access Control

Digital Policy Management Framework for Attribute-Based Access Control Digital Policy Management Framework for Attribute-Based Access Control Contract Milestone Task 12.1 19 December 2014 The Johns Hopkins University Applied Physics Laboratory Table of Contents Executive

More information

When Security, Privacy and Forensics Meet in the Cloud

When Security, Privacy and Forensics Meet in the Cloud When Security, Privacy and Forensics Meet in the Cloud Dr. Michaela Iorga, Senior Security Technical Lead for Cloud Computing Co-Chair, Cloud Security WG Co-Chair, Cloud Forensics Science WG March 26,

More information

It s All About Cloud Key Concepts, Players, Platforms And Technologies

It s All About Cloud Key Concepts, Players, Platforms And Technologies It s All About Cloud Key Concepts, Players, Platforms And Technologies 3-day seminar Description Cloud computing has gained a lot of attention in recent years. It has mostly been used for non business

More information

Private & Hybrid Cloud: Risk, Security and Audit. Scott Lowry, Hassan Javed VMware, Inc. March 2012

Private & Hybrid Cloud: Risk, Security and Audit. Scott Lowry, Hassan Javed VMware, Inc. March 2012 Private & Hybrid Cloud: Risk, Security and Audit Scott Lowry, Hassan Javed VMware, Inc. March 2012 Private and Hybrid Cloud - Risk, Security and Audit Objectives: Explain the technology and benefits behind

More information

SPECS Secure Provisioning of Cloud Services based on SLA Management

SPECS Secure Provisioning of Cloud Services based on SLA Management SPECS Secure Provisioning of Cloud Services based on SLA Management SPECS Project CeRICT, Italy (coordinator) TUD, Germany IeAT, Romania CSA, United Kingdom FP7-ICT-10-610795 Project Start: 1/11/2013 Project

More information

Fundamental Concepts and Models

Fundamental Concepts and Models Fundamental Concepts and Models 1 1. Roles and Boundaries Could provider The organization that provides the cloud based IT resources Cloud consumer An organization (or a human) that has a formal contract

More information

Cloud Computing Architectures and Design Issues

Cloud Computing Architectures and Design Issues Cloud Computing Architectures and Design Issues Ozalp Babaoglu, Stefano Ferretti, Moreno Marzolla, Fabio Panzieri {babaoglu, sferrett, marzolla, panzieri}@cs.unibo.it Outline What is Cloud Computing? A

More information

IaaS Federation. Contrail project. IaaS Federation! Objectives and Challenges! & SLA management in Federations 5/23/11

IaaS Federation. Contrail project. IaaS Federation! Objectives and Challenges! & SLA management in Federations 5/23/11 Cloud Computing (IV) s and SPD Course 19-20/05/2011 Massimo Coppola IaaS! Objectives and Challenges! & management in s Adapted from two presentations! by Massimo Coppola (CNR) and Lorenzo Blasi (HP) Italy)!

More information

PROFESSIONAL INTERESTS WORK EXPERIENCE GINÉS DÓLERA TORMO CURRICULUM VITAE OCTOBER 2014

PROFESSIONAL INTERESTS WORK EXPERIENCE GINÉS DÓLERA TORMO CURRICULUM VITAE OCTOBER 2014 Ginés Dólera Tormo Phone: +49 176 90775273 E-mail: ginesdt@um.es Date of birth: 21 July, 1985 Nationality: Spanish Address: Dossenheimer Landsrtrasse 100 D-69121 Heidelberg, Germany PROFESSIONAL INTERESTS

More information

Ch. 4 - Topics of Discussion

Ch. 4 - Topics of Discussion CPET 581 Cloud Computing: Technologies and Enterprise IT Strategies Lecture 6 Cloud Platform Architecture over Virtualized Data Centers Part -4 Cloud Security and Trust Management Text Book: Distributed

More information

Performance Management for Cloudbased STC 2012

Performance Management for Cloudbased STC 2012 Performance Management for Cloudbased Applications STC 2012 1 Agenda Context Problem Statement Cloud Architecture Need for Performance in Cloud Performance Challenges in Cloud Generic IaaS / PaaS / SaaS

More information

Auto-Scaling Model for Cloud Computing System

Auto-Scaling Model for Cloud Computing System Auto-Scaling Model for Cloud Computing System Che-Lun Hung 1*, Yu-Chen Hu 2 and Kuan-Ching Li 3 1 Dept. of Computer Science & Communication Engineering, Providence University 2 Dept. of Computer Science

More information

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master Securing The Cloud Foundational Best Practices For Securing Cloud Computing Scott Clark Agenda Introduction to Cloud Computing What is Different in the Cloud? CSA Guidance Additional Resources 2 What is

More information

Oracle Applications and Cloud Computing - Future Direction

Oracle Applications and Cloud Computing - Future Direction Oracle Applications and Cloud Computing - Future Direction February 26, 2010 03:00 PM 03:40 PM Presented By Subash Krishnaswamy skrishna@astcorporation.com Vijay Tirumalai vtirumalai@astcorporation.com

More information

Architectural Implications of Cloud Computing

Architectural Implications of Cloud Computing Architectural Implications of Cloud Computing Grace Lewis Research, Technology and Systems Solutions (RTSS) Program Lewis is a senior member of the technical staff at the SEI in the Research, Technology,

More information

Accelerating Cloud adoption with Security Level Agreements automation, monitoring and industry standards compliance

Accelerating Cloud adoption with Security Level Agreements automation, monitoring and industry standards compliance Accelerating Cloud adoption with Security Level Agreements automation, monitoring and industry standards compliance Cirrus Workshop, Vienna, Austria, November 19, 2013 Dr. Said Tabet Senior Technologist

More information

New Computing Models, and What They Mean to the Small and Mid-Sized Business Consumer

New Computing Models, and What They Mean to the Small and Mid-Sized Business Consumer New Computing Models, and What They Mean to the Small and Mid-Sized Business Consumer How your business can make practical decisions between The Cloud, Utility Computing and Hosted Services 1 Business

More information

EMI views on Cloud Computing

EMI views on Cloud Computing EMI views on Cloud Computing Florido Paganelli Lund University NorduGrid 2011, May 10th, Sundvolden, Norway Florido Paganelli (Lund University) EMI views on Cloud Computing NorduGrid2011 1 / 25 Outline

More information

What Is It? Business Architecture Research Challenges Bibliography. Cloud Computing. Research Challenges Overview. Carlos Eduardo Moreira dos Santos

What Is It? Business Architecture Research Challenges Bibliography. Cloud Computing. Research Challenges Overview. Carlos Eduardo Moreira dos Santos Research Challenges Overview May 3, 2010 Table of Contents I 1 What Is It? Related Technologies Grid Computing Virtualization Utility Computing Autonomic Computing Is It New? Definition 2 Business Business

More information

Environments, Services and Network Management for Green Clouds

Environments, Services and Network Management for Green Clouds Environments, Services and Network Management for Green Clouds Carlos Becker Westphall Networks and Management Laboratory Federal University of Santa Catarina MARCH 3RD, REUNION ISLAND IARIA GLOBENET 2012

More information

Towards the Magic Green Broker Jean-Louis Pazat IRISA 1/29. Jean-Louis Pazat. IRISA/INSA Rennes, FRANCE MYRIADS Project Team

Towards the Magic Green Broker Jean-Louis Pazat IRISA 1/29. Jean-Louis Pazat. IRISA/INSA Rennes, FRANCE MYRIADS Project Team Towards the Magic Green Broker Jean-Louis Pazat IRISA 1/29 Jean-Louis Pazat IRISA/INSA Rennes, FRANCE MYRIADS Project Team Towards the Magic Green Broker Jean-Louis Pazat IRISA 2/29 OUTLINE Clouds and

More information

SURFsara HPC Cloud Workshop

SURFsara HPC Cloud Workshop SURFsara HPC Cloud Workshop doc.hpccloud.surfsara.nl UvA workshop 2016-01-25 UvA HPC Course Jan 2016 Anatoli Danezi, Markus van Dijk cloud-support@surfsara.nl Agenda Introduction and Overview (current

More information

Cloud Computing from an Institutional Perspective

Cloud Computing from an Institutional Perspective 15th April 2010 e-infranet Workshop Louvain, Belgium Next Generation Data Center Summit Cloud Computing from an Institutional Perspective Distributed Systems Architecture Research Group Universidad Complutense

More information

Exploring Resource Provisioning Cost Models in Cloud Computing

Exploring Resource Provisioning Cost Models in Cloud Computing Exploring Resource Provisioning Cost Models in Cloud Computing P.Aradhya #1, K.Shivaranjani *2 #1 M.Tech, CSE, SR Engineering College, Warangal, Andhra Pradesh, India # Assistant Professor, Department

More information

journey to a hybrid cloud

journey to a hybrid cloud journey to a hybrid cloud Virtualization and Automation VI015SN journey to a hybrid cloud Jim Sweeney, CTO GTSI about the speaker Jim Sweeney GTSI, Chief Technology Officer 35 years of engineering experience

More information

The role of standards in driving cloud computing adoption

The role of standards in driving cloud computing adoption The role of standards in driving cloud computing adoption The emerging era of cloud computing The world of computing is undergoing a radical shift, from a product focus to a service orientation, as companies

More information

SECURITY CONCERNS AND SOLUTIONS FOR CLOUD COMPUTING

SECURITY CONCERNS AND SOLUTIONS FOR CLOUD COMPUTING SECURITY CONCERNS AND SOLUTIONS FOR CLOUD COMPUTING 1. K.SURIYA Assistant professor Department of Computer Applications Dhanalakshmi Srinivasan College of Arts and Science for Womren Perambalur Mail: Surik.mca@gmail.com

More information

Windows Azure Platform

Windows Azure Platform Windows Azure Platform Giordano Tamburrelli, PhD giotam@microsoft.com Academic Developer Evangelist Slides by David Chou You manage You manage You manage Types of Clouds Private (On-Premise) Infrastructure

More information

Selecting the right Cloud. Three steps for determining the most appropriate Cloud strategy

Selecting the right Cloud. Three steps for determining the most appropriate Cloud strategy Selecting the right Cloud Three steps for determining the most appropriate Cloud strategy Selecting the most appropriate cloud model can be a challenging process for organisations and IT executives tasked

More information

Secure Private Cloud Architecture for Mobile Infrastructure as a Service

Secure Private Cloud Architecture for Mobile Infrastructure as a Service 2012 IEEE Eighth World Congress on Services Secure Private Cloud Architecture for Mobile Infrastructure as a Service Susmita Horrow Department of mathematics IIT Roorkee, India hsusmita4@gmail.com Sanchika

More information

Computing Power at your Service: IaaS from the Private Cloud Dynamic Services for Infrastructure

Computing Power at your Service: IaaS from the Private Cloud Dynamic Services for Infrastructure Computing Power at your Service: IaaS from the Private Cloud Dynamic Services for Infrastructure November 2011 18.11.2010 1 CIO s challenges 2010. Challenges of many CIOs in 2010: IT budgets approx. 20%

More information

Purpose-Centric Secure Information Sharing

Purpose-Centric Secure Information Sharing Purpose-Centric Secure Information Sharing Ravi Sandhu Executive Director and Endowed Professor Institute for Cyber Security (ICS) University of Texas at San Antonio September 2009 ravi.sandhu@utsa.edu

More information

Consumption IT. Michael Shepherd Business Development Manager. Cisco Public Sector May 1 st 2014

Consumption IT. Michael Shepherd Business Development Manager. Cisco Public Sector May 1 st 2014 Consumption IT Michael Shepherd Business Development Manager Cisco Public Sector May 1 st 2014 Short Bio Cloud BDM in Public Sector (SLED + FED) Cisco for 14 + years Focused on cloud for 4 + years Awareness,

More information

Certified Cloud Computing Professional VS-1067

Certified Cloud Computing Professional VS-1067 Certified Cloud Computing Professional VS-1067 Certified Cloud Computing Professional Certification Code VS-1067 Vskills Cloud Computing Professional assesses the candidate for a company s cloud computing

More information

Subash Krishnaswamy Applications Software Technology Corporation

Subash Krishnaswamy Applications Software Technology Corporation Oracle Applications and Cloud Computing - Future Direction Subash Krishnaswamy Applications Software Technology Corporation Agenda Introduction ti to CLOUD Oracle Corporation and CLOUD Oracle Applications

More information

Security Model for VM in Cloud

Security Model for VM in Cloud Security Model for VM in Cloud 1 Venkataramana.Kanaparti, 2 Naveen Kumar R, 3 Rajani.S, 4 Padmavathamma M, 5 Anitha.C 1,2,3,5 Research Scholars, 4Research Supervisor 1,2,3,4,5 Dept. of Computer Science,

More information