Future of Cloud Computing. Irena Bojanova, Ph.D. UMUC, NIST

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Future of Cloud Computing. Irena Bojanova, Ph.D. UMUC, NIST"

Transcription

1 Future of Cloud Computing Irena Bojanova, Ph.D. UMUC, NIST

2 No Longer On The Horizon Essential Characteristics On-demand Self-Service Broad Network Access Resource Pooling Rapid Elasticity Measured Service Pay/charge-per-use access to applications, software development & deployment environments, and computing infrastructure. Optimized, efficient computing through enhanced collaboration, agility, scalability, and availability. Service models (SPI) Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS) Deployment models Private Community Public Hybrid Natural evolution of the Web: Web Sites Applications SaaS Developer Platforms PaaS Compute and Store IaaS Next logical step for IT industry Strategic weapon in enterprise computing Norm in every sector of society. Governments, organizations, and individuals adopt cloud computing to manage information instead of infrastructure.

3 Now Focus On Initial Risks Evaluation using CSA s framework Importance of data and applications/functions/processes to be moved to Cloud Risk tolerance of organization Acceptable deployment and service models combinations Potential exposure points for sensitive information and operations. Multi-Tenancy the True Cloud solution Data and applications of different consumers share platforms, storage, and networks Tightly related to resource pooling Economies of scale, passed to costumers Use of newest technology and the latest software versions Logical separation is a suitable substitute for physical separation. Main risks come from not knowing the architecture One of top 6 questions to ask: Is it hosted or a true Cloud solution? Cloud-Based Integration ipaas Silos - applications and data cannot interact with on-premise systems. ipaas -development, execution and governance of integration flows Connecting on-premise and cloud-based processes, services, applications, and data Within individual or across multiple organizations.

4 Now Focus On (Cont.) Cloud Portability, Interoperability, and Federation Applications and data are easily moved between platforms and providers Scaling one service across disparate providers, while appearing and operating as one system Interoperability is closely related to rapid elasticity and multi-tenancy Connecting clouds through network gateways hybrid Cloud environment Interconnecting services of providers from disparate networks Providers wholesale or rent resources to balance workloads and handle spikes in demand Standard, pre-negotiated set of contracts.; Federation agreements. Benefits for Consumers Choose best provider by flexibility, cost, and availability of services Use most appropriate infrastructure environment Distribute workloads around globe ;move data between disparate networks. Benefits for Providers Earn revenue from idle or underutilized resources Expand geographic footprints without building new points of presence. Considerable effort: IEEE CS P2302 Standard for Intercloud Interoperability and Federation.

5 New Trends Nexus of Forces evolving through convergence and mutual reinforcement of: Social Mobile Cloud Big Data Social media and mobile apps provide platformfor effective social and business interactions. Cloud offers convenient and cost effective computational and information delivery infrastructure. New digital economy is being built upon this Nexus in combination with the Internet of Things, unlocking an incredible opportunity to connect everything together. The gap between ideas and actions is being rapidly reduced through: Near-global connectivity Pervasive mobility Industrial-strength compute services Access to vast amounts of information Without Cloud Social interactions no place to happen at scale Mobile no connection to data and functions Information stuck inside internal systems.

6 New Trends (Cont.) Personal Clouds (PC s) PC idea reborn --control on data, apps, terms of service Personal devices Personal services; self-hosted, provider-hosted, or hybrid Interoperable and addressable through XDI p2p marketplace Find and engage with anyone with PC trust, reputation. Hybrid Clouds Evolution From integration of internal private clouds & public services Towards bringing together personal clouds & external private services Will have to be design with interoperability and federation in mind. Private Clouds Evolution Will have to be designed with hybrid future in mind to be able to handle future aggregation, integration, interoperability, and customization of services Organizations implementing such clouds will have to: Handle overdrafting and cloudbursting Take role of cloud service brokers.

7 New Trends (Cont.) From To Cloud ~ provides ubiquitous, on-demand, elastic, selfconfigurable, cost effective computing. and Mobile ~ convenient gadgets, with regional wireless communication and limited data services and computing and power resources. Cloud-Based Mobile Augmentation (CMA) ~ employs Cloud to increase, enhance, and optimize computing capabilities of mobile devices. and Cloud Mobility~ low-end mobile devices access cloud computing resources and globally connected mobile enabled resources. Flyables Wearables Drivables Scannables

8

9 Evaluating Initial Cloud Risks Steps in Evaluating Risk 1. Identify asset for cloud deployment Determine exactly what data or applications/ function/ process is being considered for the Cloud. 2. Evaluate asset Determine how sensitive that data is and how important that application/ function/ process is to organization. Assess confidentiality, integrity, and availability; and how risk changes if all/ part of that asset is in the Cloud similar to project outsourcing assessment, just with wider range of deployment options. 3. Map asset to cloud deployment models Determine if any risks implicit to different deployment models (private, public, community, hybrid) and hosting scenarios (internal, external, combined) are acceptable. At this point there should be a good idea of the comfort level for transitioning to the Cloud, and which deployment models and locations fit desired security and risk requirements. 4. Evaluate cloud service models and providers Focus on degree of control organization will have at each SPI tier to implement any required risk management (risk mitigation). For a specific offering, switch to a fuller risk assessment. 5. Map out data flow For specific provider offering, map out data flow between organization, cloud service, any customers/ other nodes. Understand whether and how data can move in and out of the Cloud. For any offering, sketch out rough data flow for any deployment option on your acceptable list, to help you identify risk exposure points when making final decisions. Details Potential uses of asset to account for: Scope creep data and transaction volumes often become higher than expected. Ask what would be the harm if: Asset became widely public and widely distributed Asset were accessed by employee of Cloud provider Process/function were manipulated by outsider Process/function failed to provide expected results Data were unexpectedly changed Asset were unavailable for a period of time Which model is acceptable for identified asset: Public; Private, internal/ on premises Private, external look at dedicated or shared infrastructure Community look at hosting location, service provider, community members Hybrid look at least at rough architecture of where components, functions, and data will reside Consider: SaaS PaaS IaaS Consider: Private Public Community Hybrid Consider: Providers' offerings Consider: Providers' offerings

10 Multi-Tenancy Examples of Shared Resources by Service Model Service Model Shared Resources Shared By SaaS Same application or database Different consumers Paas Same operating system, and supporting data and networking services Different processes Iaas Same hardware via a hypervisor Different VMs General Methods for Achieving Multi-Tenancy Multi-Tenancy Via Description Cost Database Virtualization Database and configuration, with isolation provided at the application layer. VM technology, providing hardware emulation layer over the real hardware. Multiple copies of server OSsare run within one physical machine, while sharing physical hardware (network cards and disk storage) between virtual OS instances. Physical separation Resources are provided to tenants individually each tenant uses only dedicated hardware. Least costly. Might reduce services costs and expenses, but is more costly compared to multi-tenancy via databases. Most costly.

11 Security Risks PaaSbuilds upon IaaS, SaaSin turn builds upon PaaS security issues and risks are inherited just as capabilities are. Lower down the stack, provider stops bearing responsibility, and consumer becomes responsible for more security capabilities and management. Service Model SaaS PaaS IaaS Integrated Features Extensibility Most integrated functionality built directly into the offering Customer ready futures Few if any application-like futures Least consumer extensibility More extensible than SaaS Enormous extensibility Security Relatively high level of integrated security -provider responsible Negotiated into contracts for service (service levels, privacy, compliance) Less complete built-in capabilities Securing the platform -- provider responsible More flexibility to layer on additional security Applications developed on platform and developing them securely -- consumer responsibility Protecting underlying infrastructure and abstraction layers -- provider responsible Less integrated security capabilities and functionality beyond that Reminder of stack -- OSs, applications, content -- managed/ secured by consumer

12 Multi-Tenancy Risks (1) Deployment Model Multi-tenancy Risks and Mitigation Implications: Workloads of different consumers may reside: Concurrently on same computer system and local network, Separated only by access policies implemented by provider's software. Consumers security could be compromised by flaw in: General Implementation or Provider s management and operational policies and procedures. Multi-tenancy risks: Reliability failure may occur Security attack may be perpetrated by consumer Implications: General risks apply, as there could be authorized but malicious insiders Different organizational functions(payroll, sensitive PII storage, IP generation) can become accessible to not authorized users and classes of data disclosed. On-site Risks mitigation: Logical segregation techniques at network layer, such as VPN Routing and Forwarding (VRF) Private Clients are restricted to organization members or authorized guests/ partners. Implications: On-site private cloud risks apply. Risks mitigation: Outsourced FISMA and OMB policy require external cloud providers to handle federal information or operating information systems on behalf of the federal government meet same security requirements as federal agencies.

13 Multi-Tenancy Risks (2) Deployment Model Multi-tenancy Risks and Mitigation Implications: On-site private cloud risks apply, but more organizations are encompassed. On-site Risks mitigation: Restricted number of possible attackers, but more than with private onside cloud. Community Implications: On-site community cloud risks apply. Outsourced Risks mitigation: Restricted number of possible attackers, but more than with private cloud. Implications: Workloads of any combination of consumers may be sharing a single machine Workload may be co-resident with workloads of competitors or adversaries. Risks: Public Large collection of potential attackers, as public clouds aim scaling in consumers and resources to achieve low costs and elasticity. Risks mitigation: Limited kinds of data for computations in the cloud Data encryption (but then data needs to be unencrypted to be processed) Physical separation rent entire computer systems rather than VMs (mono-tenancy), VPNs, segmented networks, or advanced access controls.

14 Interoperability (1) Interoperability, Portability, and Cloud Service Models Service Model IaaS PaaS SaaS Interoperability and Portability Interoperability and portability of customer workloads are more achievable in IaaS service IaaSbuilding blocks are relatively well-defined, e.g., network protocols, CPU instruction sets, and legacy device interfaces Application written to use specific services from a vendor's PaaSwill require changes to use similar services from another vendor's PaaS Efforts on development of open and proprietary standard API's to enable cloud management, security, and interoperability: Open Cloud Computing Interface Working Group (OCCI), Amazon Common container formats: DMTF'S Open Virtualization Format (OVF). Application written to those standards is far more likely to be interoperable and portable. Portability of workloads requires a level of compatibility and interoperability between SaaS applications.

15 Interoperability (2) Interoperability of Between Application Platform Application components deployed as: SaaS Applications using PaaS Applications on platforms using IaaS Platform components deployed as: PaaS Platforms on IaaS Need of Dynamic discovery and composition: Discover instances of application components Combine them with others at run time. Note: Application component may be a complete monolithic application or part of a distributed application. Standard protocols for service discovery and information exchange indirectly these enable interoperability of applications on these platforms. Management Publication and Acquisition Cloud services (SaaS, PaaS, Iaas) and programs for implementation of on-demand self-service. Platforms, cloud PaaSservices and marketplaces (including app stores). Standard interfaces for cloud services to create generic system management products for both cloud services and in-house systems. Standard interfaces to these stores to lower cost of for software provideers and users. Portability of Data Application Platform Enables Re-Use of Data components across different applications Application components across cloud PaaS services and traditional computing platforms Platform components across cloud IaaSservices and non-cloud infrastructure (platform source portability) Bundles containing applications and data with their supporting platforms (machine image portability)

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com Introduction to Cloud Computing Srinath Beldona srinath_beldona@yahoo.com Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

Cloud Computing Architecture: A Survey

Cloud Computing Architecture: A Survey Cloud Computing Architecture: A Survey Abstract Now a day s Cloud computing is a complex and very rapidly evolving and emerging area that affects IT infrastructure, network services, data management and

More information

Commercial Software Licensing

Commercial Software Licensing Commercial Software Licensing CHAPTER 12: Prepared by DoD ESI January 2013 Chapter Overview Most software licenses today are either perpetual or subscription. Perpetual licenses involve software possession

More information

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud

More information

Cloud computing: the state of the art and challenges. Jānis Kampars Riga Technical University

Cloud computing: the state of the art and challenges. Jānis Kampars Riga Technical University Cloud computing: the state of the art and challenges Jānis Kampars Riga Technical University Presentation structure Enabling technologies Cloud computing defined Dealing with load in cloud computing Service

More information

VMware vcloud Powered Services

VMware vcloud Powered Services SOLUTION OVERVIEW VMware vcloud Powered Services VMware-Compatible Clouds for a Broad Array of Business Needs Caught between shrinking resources and growing business needs, organizations are looking to

More information

ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS

ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS Shirley Radack, Editor Computer Security Division Information

More information

Lecture 02b Cloud Computing II

Lecture 02b Cloud Computing II Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,

More information

Digital Forensics. Lab 10: Cloud Computing & the Future of Digital Forensics

Digital Forensics. Lab 10: Cloud Computing & the Future of Digital Forensics Digital Forensics Lab 10: Cloud Computing & the Future of Digital Forensics Today's Topics Cloud Computing Overview Applications of Cloud Computing Impact of CC to Digital Forensics Future of Digital Forensics

More information

CLOUD COMPUTING OVERVIEW

CLOUD COMPUTING OVERVIEW CLOUD COMPUTING OVERVIEW http://www.tutorialspoint.com/cloud_computing/cloud_computing_overview.htm Copyright tutorialspoint.com Cloud Computing provides us a means by which we can access the applications

More information

Requirements and Challenges for Securing Cloud Applications and Services

Requirements and Challenges for Securing Cloud Applications and Services IOSR Journal of Computer Engineering (IOSRJCE) ISSN: 2278-0661 Volume 4, Issue 2 (Sep.-Oct. 2012), PP 46-52 Requirements and Challenges for Securing Cloud Applications and Services Mrs. Y. Lakshmi Prasanna

More information

Security & Trust in the Cloud

Security & Trust in the Cloud Security & Trust in the Cloud Ray Trygstad Director of Information Technology, IIT School of Applied Technology Associate Director, Information Technology & Management Degree Programs Cloud Computing Primer

More information

Cloud Glossary. A Guide to Commonly Used Terms in Cloud Computing

Cloud Glossary. A Guide to Commonly Used Terms in Cloud Computing Cloud Glossary A Guide to Commonly Used Terms in Cloud Computing 1 Cloud Talk The cloud is evolving. As it does, new terms are constantly appearing and some of the older terms are gaining new meaning.

More information

Plant Software in the Cloud Fact vs. Myth

Plant Software in the Cloud Fact vs. Myth Plant Software in the Cloud Fact vs. Myth Andy Chatha President ARC Advisory Group AChatha@ARCweb.com Manufacturing Performance Improvement Levers Systems People Processes Information Things 2 Transformational

More information

CHAPTER 8 CLOUD COMPUTING

CHAPTER 8 CLOUD COMPUTING CHAPTER 8 CLOUD COMPUTING SE 458 SERVICE ORIENTED ARCHITECTURE Assist. Prof. Dr. Volkan TUNALI Faculty of Engineering and Natural Sciences / Maltepe University Topics 2 Cloud Computing Essential Characteristics

More information

Cloud Computing Technology

Cloud Computing Technology Cloud Computing Technology The Architecture Overview Danairat T. Certified Java Programmer, TOGAF Silver danairat@gmail.com, +66-81-559-1446 1 Agenda What is Cloud Computing? Case Study Service Model Architectures

More information

Trend Micro Cloud Protection

Trend Micro Cloud Protection A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to

More information

Cloud Computing; What is it, How long has it been here, and Where is it going?

Cloud Computing; What is it, How long has it been here, and Where is it going? Cloud Computing; What is it, How long has it been here, and Where is it going? David Losacco, CPA, CIA, CISA Principal January 10, 2013 Agenda The Cloud WHAT IS THE CLOUD? How long has it been here? Where

More information

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS CLOUD COMPUTING Cloud computing is a model for enabling convenient, ondemand network access to a shared pool of configurable computing

More information

Topics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted.

Topics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted. Cloud Computing Topics 1. What is the Cloud? 2. What is Cloud Computing? 3. Cloud Service Architectures 4. History of Cloud Computing 5. Advantages of Cloud Computing 6. Disadvantages of Cloud Computing

More information

The Future Of Cloud Computing. Thursday, September 1, 11

The Future Of Cloud Computing. Thursday, September 1, 11 1 The Future Of Cloud Computing 2 ::Setting Some Context Cloud Computing is a natural, disruptively innovative and timely opportunistic response to a converging set of socioeconomic, political, cultural

More information

Perspectives on Cloud Computing and Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

Perspectives on Cloud Computing and Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory Perspectives on Cloud Computing and Standards Peter Mell, Tim Grance NIST, Information Technology Laboratory Caveats and Disclaimers This presentation provides education on cloud technology and its benefits

More information

IT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011

IT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011 IT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011 Cloud Basics Cloud Basics The interesting thing about cloud computing is that we've redefined cloud computing to include everything

More information

Lecture 02a Cloud Computing I

Lecture 02a Cloud Computing I Mobile Cloud Computing Lecture 02a Cloud Computing I 吳 秀 陽 Shiow-yang Wu What is Cloud Computing? Computing with cloud? Mobile Cloud Computing Cloud Computing I 2 Note 1 What is Cloud Computing? Walking

More information

Where in the Cloud are You? Session 17032 Thursday, March 5, 2015: 1:45 PM-2:45 PM Virginia (Sheraton Seattle)

Where in the Cloud are You? Session 17032 Thursday, March 5, 2015: 1:45 PM-2:45 PM Virginia (Sheraton Seattle) Where in the Cloud are You? Session 17032 Thursday, March 5, 2015: 1:45 PM-2:45 PM Virginia (Sheraton Seattle) Abstract The goal of this session is to understanding what is meant when we say Where in the

More information

CLOUD COMPUTING. When It's smarter to rent than to buy

CLOUD COMPUTING. When It's smarter to rent than to buy CLOUD COMPUTING When It's smarter to rent than to buy Is it new concept? Nothing new In 1990 s, WWW itself Grid Technologies- Scientific applications Online banking websites More convenience Not to visit

More information

Perspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory 7-11-2009

Perspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory 7-11-2009 Perspectives on Moving to the Cloud Paradigm and the Need for Standards Peter Mell, Tim Grance NIST, Information Technology Laboratory 7-11-2009 2 NIST Cloud Computing Resources NIST Draft Definition of

More information

Overview of Cloud Computing (ENCS 691K Chapter 1)

Overview of Cloud Computing (ENCS 691K Chapter 1) Overview of Cloud Computing (ENCS 691K Chapter 1) Roch Glitho, PhD Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ Overview of Cloud Computing Towards a definition

More information

Security Considerations for Public Mobile Cloud Computing

Security Considerations for Public Mobile Cloud Computing Security Considerations for Public Mobile Cloud Computing Ronnie D. Caytiles 1 and Sunguk Lee 2* 1 Society of Science and Engineering Research Support, Korea rdcaytiles@gmail.com 2 Research Institute of

More information

Getting Familiar with Cloud Terminology. Cloud Dictionary

Getting Familiar with Cloud Terminology. Cloud Dictionary Getting Familiar with Cloud Terminology Cloud computing is a hot topic in today s IT industry. However, the technology brings with it new terminology that can be confusing. Although you don t have to know

More information

SDN Unlocks New Opportunities for Cloud Service Providers

SDN Unlocks New Opportunities for Cloud Service Providers White Paper SDN Unlocks New Opportunities for Cloud Service Providers Prepared by Caroline Chappell Senior Analyst, Heavy Reading www.heavyreading.com on behalf of www.juniper.net March 2014 Executive

More information

Cloud Security Introduction and Overview

Cloud Security Introduction and Overview Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious

More information

Cloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University

Cloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University Cloud Computing: Opportunities, Challenges, and Solutions Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University What is cloud computing? What are some of the keywords? How many of you cannot

More information

Agenda. Background and cloud portability and interoperability concepts Distributed computing reference model. development Conclusions

Agenda. Background and cloud portability and interoperability concepts Distributed computing reference model. development Conclusions Dr Thomas Lee 14 August 2013, 6 th Meeting of Working Group on Cloud Computing Interoperability Standards, Expert Group on Cloud Computing Services and Standards, Office of the Government Chief Information

More information

Cloud Computing 159.735. Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009

Cloud Computing 159.735. Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009 Cloud Computing 159.735 Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009 Table of Contents Introduction... 3 What is Cloud Computing?... 3 Key Characteristics...

More information

Infrastructure Virtualization for Hybrid Cloud

Infrastructure Virtualization for Hybrid Cloud Infrastructure Virtualization for Hybrid Cloud Technology Transformation Public cloud has delivered elastic computing to enterprises by offering on-demand resources to accommodate the burst computing needs.

More information

Virtual Private Cloud-as-a-Service: Extend Enterprise Security Policies to Public Clouds

Virtual Private Cloud-as-a-Service: Extend Enterprise Security Policies to Public Clouds What You Will Learn Public sector organizations without the budget to build a private cloud can consider public cloud services. The drawback until now has been tenants limited ability to implement their

More information

TECHNOLOGY GUIDE THREE. Emerging Types of Enterprise Computing

TECHNOLOGY GUIDE THREE. Emerging Types of Enterprise Computing TECHNOLOGY GUIDE THREE Emerging Types of Enterprise Computing TECHNOLOGY GU IDE OUTLINE TG3.1 Introduction TG3.2 Server Farms TG3.3 Virtualization TG3.4 Grid Computing TG3.5 Utility Computing TG3.6 Cloud

More information

Chapter 3. Database Architectures and the Web Transparencies

Chapter 3. Database Architectures and the Web Transparencies Chapter 3 Database Architectures and the Web Transparencies Database Environment - Objectives The meaning of the client server architecture and the advantages of this type of architecture for a DBMS. The

More information

SECURITY MODELS FOR CLOUD 2012. Kurtis E. Minder, CISSP

SECURITY MODELS FOR CLOUD 2012. Kurtis E. Minder, CISSP SECURITY MODELS FOR CLOUD 2012 Kurtis E. Minder, CISSP INTRODUCTION Kurtis E. Minder, Technical Sales Professional Companies: Roles: Security Design Engineer Systems Engineer Sales Engineer Salesperson

More information

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter Cloud Security considerations for business adoption Ricci IEONG CSA-HK&M Chapter What is Cloud Computing? Slide 2 What is Cloud Computing? My Cloud @ Internet Pogoplug What is Cloud Computing? Compute

More information

Cloud Computing Security Issues

Cloud Computing Security Issues Copyright Marchany 2010 Cloud Computing Security Issues Randy Marchany, VA Tech IT Security, marchany@vt.edu Something Old, Something New New: Cloud describes the use of a collection of services, applications,

More information

Cloud Computing Terms:

Cloud Computing Terms: Cloud Computing Terms: Advertising-based pricing model: A pricing model whereby services are offered to customers at low or no cost, with the service provider being compensated by advertisers whose ads

More information

IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures

IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Introduction

More information

White Paper. Cloud Vademecum

White Paper. Cloud Vademecum White Paper Cloud Vademecum Cloud is the new IT paradigm this document offers a collection of thoughts, internal and external discussions and information. The goal is to inspire and stimulate the route

More information

Hybrid Cloud: Overview of Intercloud Fabric. Sutapa Bansal Sr. Product Manager Cloud and Virtualization Group

Hybrid Cloud: Overview of Intercloud Fabric. Sutapa Bansal Sr. Product Manager Cloud and Virtualization Group Hybrid Cloud: Overview of Sutapa Bansal Sr. Product Manager Cloud and Virtualization Group Agenda Why Hybrid cloud? Cisco Vision Hybrid Cloud Use Cases and ROI Architecture Overview Deployment Model and

More information

Avnet's Guide to Cloud Computing

Avnet's Guide to Cloud Computing Avnet's Guide to Cloud Computing Reimagine Transform Accelerate Cloud Computing from A Z Avnet can help you reduce complexity by understanding the terminology and phrases associated with cloud computing.

More information

Top 10 Cloud Risks That Will Keep You Awake at Night

Top 10 Cloud Risks That Will Keep You Awake at Night Top 10 Cloud Risks That Will Keep You Awake at Night Shankar Babu Chebrolu Ph.D., Vinay Bansal, Pankaj Telang Photo Source flickr.com .. Amazon EC2 (Cloud) to host Eng. Lab testing. We want to use SalesForce.com

More information

Why Private Cloud? Nenad BUNCIC VPSI 29-JUNE-2015 EPFL, SI-EXHEB

Why Private Cloud? Nenad BUNCIC VPSI 29-JUNE-2015 EPFL, SI-EXHEB Why Private Cloud? O P E R A T I O N S V I E W Nenad BUNCIC EPFL, SI-EXHEB 1 What Exactly Is Cloud? Cloud technology definition, as per National Institute of Standards and Technology (NIST SP 800-145),

More information

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015 NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X

More information

The Private Cloud Your Controlled Access Infrastructure

The Private Cloud Your Controlled Access Infrastructure White Paper: Private Clouds The ongoing debate on the differences between a Public and Private Cloud are broad and often loud. The bottom line is that it s really about how the resource, or computing power,

More information

Consumption IT. Michael Shepherd Business Development Manager. Cisco Public Sector May 1 st 2014

Consumption IT. Michael Shepherd Business Development Manager. Cisco Public Sector May 1 st 2014 Consumption IT Michael Shepherd Business Development Manager Cisco Public Sector May 1 st 2014 Short Bio Cloud BDM in Public Sector (SLED + FED) Cisco for 14 + years Focused on cloud for 4 + years Awareness,

More information

Cloud Computing Service Models, Types of Clouds and their Architectures, Challenges.

Cloud Computing Service Models, Types of Clouds and their Architectures, Challenges. Cloud Computing Service Models, Types of Clouds and their Architectures, Challenges. B.Kezia Rani 1, Dr.B.Padmaja Rani 2, Dr.A.Vinaya Babu 3 1 Research Scholar,Dept of Computer Science, JNTU, Hyderabad,Telangana

More information

Planning the Migration of Enterprise Applications to the Cloud

Planning the Migration of Enterprise Applications to the Cloud Planning the Migration of Enterprise Applications to the Cloud A Guide to Your Migration Options: Private and Public Clouds, Application Evaluation Criteria, and Application Migration Best Practices Introduction

More information

yvette@yvetteagostini.it yvette@yvetteagostini.it

yvette@yvetteagostini.it yvette@yvetteagostini.it 1 The following is merely a collection of notes taken during works, study and just-for-fun activities No copyright infringements intended: all sources are duly listed at the end of the document This work

More information

Cloud Computing in Higher Education: A Guide to Evaluation and Adoption

Cloud Computing in Higher Education: A Guide to Evaluation and Adoption Cloud Computing in Higher Education: A Guide to Evaluation and Adoption Executive Summary Public cloud computing delivering infrastructure, services, and software on demand through the network offers attractive

More information

Cloud Security. Nantawan Wongkachonkitti Electronic Government Agency, Thailand Cloud Security Alliance, Thailand Chapter October 2014

Cloud Security. Nantawan Wongkachonkitti Electronic Government Agency, Thailand Cloud Security Alliance, Thailand Chapter October 2014 Cloud Security Nantawan Wongkachonkitti Electronic Government Agency, Thailand Cloud Security Alliance, Thailand Chapter October 2014 Agenda Introduction Security Assessment for Cloud Secure Cloud Infrastructure

More information

SaaS, PaaS & TaaS. By: Raza Usmani

SaaS, PaaS & TaaS. By: Raza Usmani SaaS, PaaS & TaaS By: Raza Usmani SaaS - Introduction Software as a service (SaaS), sometimes referred to as "on-demand software. software and its associated data are hosted centrally (typically in the

More information

Building Private & Hybrid Cloud Solutions

Building Private & Hybrid Cloud Solutions Solution Brief: Building Private & Hybrid Cloud Solutions WITH EGENERA CLOUD SUITE SOFTWARE Egenera, Inc. 80 Central St. Boxborough, MA 01719 Phone: 978.206.6300 www.egenera.com Introduction When most

More information

Cloud Computing: Risks and Auditing

Cloud Computing: Risks and Auditing IIA Chicago Chapter 53 rd Annual Seminar April 15, 2013, Donald E. Stephens Convention Center @IIAChicago #IIACHI Cloud Computing: Risks Auditing Phil Lageschulte/Partner/KPMG Sailesh Gadia/Director/KPMG

More information

East African Information Conference 13-14 th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud?

East African Information Conference 13-14 th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud? East African Information Conference 13-14 th August, 2013, Kampala, Uganda Security and Privacy: Can we trust the cloud? By Dr. David Turahi Director, Information Technology and Information Management

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Cloud Computing Dr. A. Askarunisa Professor and Head Vickram College of Engineering, Madurai, Tamilnadu, India N.Ganesh Sr.Lecturer Vickram College of Engineering, Madurai, Tamilnadu,

More information

Fundamental Concepts and Models

Fundamental Concepts and Models Fundamental Concepts and Models 1 1. Roles and Boundaries Could provider The organization that provides the cloud based IT resources Cloud consumer An organization (or a human) that has a formal contract

More information

OVERVIEW Cloud Deployment Services

OVERVIEW Cloud Deployment Services OVERVIEW Cloud Deployment Services Audience This document is intended for those involved in planning, defining, designing, and providing cloud services to consumers. The intended audience includes the

More information

Data Centers and Cloud Computing. Data Centers

Data Centers and Cloud Computing. Data Centers Data Centers and Cloud Computing Intro. to Data centers Virtualization Basics Intro. to Cloud Computing 1 Data Centers Large server and storage farms 1000s of servers Many TBs or PBs of data Used by Enterprises

More information

Private & Hybrid Cloud: Risk, Security and Audit. Scott Lowry, Hassan Javed VMware, Inc. March 2012

Private & Hybrid Cloud: Risk, Security and Audit. Scott Lowry, Hassan Javed VMware, Inc. March 2012 Private & Hybrid Cloud: Risk, Security and Audit Scott Lowry, Hassan Javed VMware, Inc. March 2012 Private and Hybrid Cloud - Risk, Security and Audit Objectives: Explain the technology and benefits behind

More information

Emerging Approaches in a Cloud-Connected Enterprise: Containers and Microservices

Emerging Approaches in a Cloud-Connected Enterprise: Containers and Microservices Emerging Approaches in a -Connected Enterprise: Containers and Microservices Anil Karmel Co-Founder and CEO, C2 Labs Co-Chair, NIST Security Working Group akarmel@c2labs.com @anilkarmel Emerging Technologies

More information

White Paper on CLOUD COMPUTING

White Paper on CLOUD COMPUTING White Paper on CLOUD COMPUTING INDEX 1. Introduction 2. Features of Cloud Computing 3. Benefits of Cloud computing 4. Service models of Cloud Computing 5. Deployment models of Cloud Computing 6. Examples

More information

IT Monitoring for the Hybrid Enterprise

IT Monitoring for the Hybrid Enterprise IT Monitoring for the Hybrid Enterprise With a Look at ScienceLogic Perspective 2012 Neovise, LLC. All Rights Reserved. Report Published April, 2015 Hybrid IT Goes Mainstream Enterprises everywhere are

More information

The Cisco Powered Network Cloud: An Exciting Managed Services Opportunity

The Cisco Powered Network Cloud: An Exciting Managed Services Opportunity . White Paper The Cisco Powered Network Cloud: An Exciting Managed Services Opportunity The cloud computing phenomenon is generating a lot of interest worldwide because of its potential to offer services

More information

TECHNOLOGY TRANSFER PRESENTS MAX DOLGICER CLOUD 2.0 MOVING FROM COST SAVINGS TO AGILE IT

TECHNOLOGY TRANSFER PRESENTS MAX DOLGICER CLOUD 2.0 MOVING FROM COST SAVINGS TO AGILE IT TECHNOLOGY TRANSFER PRESENTS MAX DOLGICER CLOUD 2.0 MOVING FROM COST SAVINGS TO AGILE IT APRIL 27-29, 2015 RESIDENZA DI RIPETTA - VIA DI RIPETTA, 231 ROME (ITALY) info@technologytransfer.it www.technologytransfer.it

More information

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC RE Think Invent IT & Business IBM SmartCloud Security Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC 2014 IBM Corporation Some Business Questions Is Your Company is Secure

More information

Hexaware E-book on Q & A for Cloud BI Hexaware Business Intelligence & Analytics Actionable Intelligence Enabled

Hexaware E-book on Q & A for Cloud BI Hexaware Business Intelligence & Analytics Actionable Intelligence Enabled Hexaware E-book on Q & A for Cloud BI Hexaware Business Intelligence & Analytics Actionable Intelligence Enabled HEXAWARE Q & A E-BOOK ON CLOUD BI Layers Applications Databases Security IaaS Self-managed

More information

Clinical Trials in the Cloud: A New Paradigm?

Clinical Trials in the Cloud: A New Paradigm? Marc Desgrousilliers CTO at Clinovo Clinical Trials in the Cloud: A New Paradigm? Marc Desgrousilliers CTO at Clinovo What is a Cloud? (1 of 3) "Cloud computing is a model for enabling convenient, on-demand

More information

Cloud Computing: The atmospheric jeopardy. Unique Approach Unique Solutions. Salmon Ltd 2014 Commercial in Confidence Page 1 of 5

Cloud Computing: The atmospheric jeopardy. Unique Approach Unique Solutions. Salmon Ltd 2014 Commercial in Confidence Page 1 of 5 Cloud Computing: The atmospheric jeopardy Unique Approach Unique Solutions Salmon Ltd 2014 Commercial in Confidence Page 1 of 5 Background Cloud computing has its place in company computing strategies,

More information

What Cloud computing means in real life

What Cloud computing means in real life ITU TRCSL Symposium on Cloud Computing Session 2: Cloud Computing Foundation and Requirements What Cloud computing means in real life Saman Perera Senior General Manager Information Systems Mobitel (Pvt)

More information

Kent State University s Cloud Strategy

Kent State University s Cloud Strategy Kent State University s Cloud Strategy Table of Contents Item Page 1. From the CIO 3 2. Strategic Direction for Cloud Computing at Kent State 4 3. Cloud Computing at Kent State University 5 4. Methodology

More information

Competitive Comparison Between Microsoft and VMware Cloud Computing Solutions

Competitive Comparison Between Microsoft and VMware Cloud Computing Solutions Competitive Comparison Between Microsoft and VMware Cloud Computing Solutions Introduction As organizations evaluate how cloud computing can help them improve business agility, reduce management complexity

More information

Eliminates Cloud Lock-In

Eliminates Cloud Lock-In Cloud computing today is significantly improving enterprises and business IT speed, agility and costs. However, companies fear technology lock-in when engaging proprietary public clouds and it has become

More information

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc. Public Clouds Krishnan Subramanian Analyst & Researcher Krishworld.com A whitepaper sponsored by Trend Micro Inc. Introduction Public clouds are the latest evolution of computing, offering tremendous value

More information

Interoperability & Portability for Cloud Computing: A Guide. http://www.cloud-council.org/cscc-cloud-interoperability-and-portability.

Interoperability & Portability for Cloud Computing: A Guide. http://www.cloud-council.org/cscc-cloud-interoperability-and-portability. Interoperability & Portability for Computing: A Guide http://www.cloud-council.org/cscc--interoperability-and-portability.pdf December, 2014 The Standards Customer Council THE Customer s Voice for Standards!

More information

Cloud Computing. Bringing the Cloud into Focus

Cloud Computing. Bringing the Cloud into Focus Cloud Computing Bringing the Cloud into Focus November 2011 Introduction Ken Cochrane CEO, IT/NET Partner, KPGM Performance and Technology National co-leader IT Advisory Services KPMG Andrew Brewin Vice

More information

Data Centers and Cloud Computing. Data Centers. MGHPCC Data Center. Inside a Data Center

Data Centers and Cloud Computing. Data Centers. MGHPCC Data Center. Inside a Data Center Data Centers and Cloud Computing Intro. to Data centers Virtualization Basics Intro. to Cloud Computing Data Centers Large server and storage farms 1000s of servers Many TBs or PBs of data Used by Enterprises

More information

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master Securing The Cloud Foundational Best Practices For Securing Cloud Computing Scott Clark Agenda Introduction to Cloud Computing What is Different in the Cloud? CSA Guidance Additional Resources 2 What is

More information

The Role of the Operating System in Cloud Environments

The Role of the Operating System in Cloud Environments The Role of the Operating System in Cloud Environments Judith Hurwitz, President Marcia Kaufman, COO Sponsored by Red Hat Cloud computing is a technology deployment approach that has the potential to help

More information

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.

More information

Building an AWS-Compatible Hybrid Cloud with OpenStack

Building an AWS-Compatible Hybrid Cloud with OpenStack Building an AWS-Compatible Hybrid Cloud with OpenStack AWS is Transforming IT Amazon Web Services (AWS) commands a significant lead in the public cloud services market, with revenue estimated to grow from

More information

21/09/11. Introduction to Cloud Computing. First: do not be scared! Request for contributors. ToDO list. Revision history

21/09/11. Introduction to Cloud Computing. First: do not be scared! Request for contributors. ToDO list. Revision history Request for contributors Introduction to Cloud Computing https://portal.futuregrid.org/contrib/cloud-computing-class by various contributors (see last slide) Hi and thanks for your contribution! If you

More information

An Introduction to Cloud Computing Concepts

An Introduction to Cloud Computing Concepts Software Engineering Competence Center TUTORIAL An Introduction to Cloud Computing Concepts Practical Steps for Using Amazon EC2 IaaS Technology Ahmed Mohamed Gamaleldin Senior R&D Engineer-SECC ahmed.gamal.eldin@itida.gov.eg

More information

The Safe Harbor. 1 Copyright 2013, Oracle and/or its affiliates. All rights reserved.

The Safe Harbor. 1 Copyright 2013, Oracle and/or its affiliates. All rights reserved. The Safe Harbor The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to

More information

CLOUD COMPUTING PHYSIOGNOMIES A 1.1 CLOUD COMPUTING BENEFITS

CLOUD COMPUTING PHYSIOGNOMIES A 1.1 CLOUD COMPUTING BENEFITS 193 APPENDIX 1 CLOUD COMPUTING PHYSIOGNOMIES A 1.1 CLOUD COMPUTING BENEFITS A 1.1.1 Cost Savings The biggest reason for shifting to cloud computing is cost. Any company or enterprise has to face sizable

More information

Sistemi Operativi e Reti. Cloud Computing

Sistemi Operativi e Reti. Cloud Computing 1 Sistemi Operativi e Reti Cloud Computing Facoltà di Scienze Matematiche Fisiche e Naturali Corso di Laurea Magistrale in Informatica Osvaldo Gervasi ogervasi@computer.org 2 Introduction Technologies

More information

CoIP (Cloud over IP): The Future of Hybrid Networking

CoIP (Cloud over IP): The Future of Hybrid Networking CoIP (Cloud over IP): The Future of Hybrid Networking An overlay virtual network that connects, protects and shields enterprise applications deployed across cloud ecosystems The Cloud is Now a Critical

More information

White Paper on NETWORK VIRTUALIZATION

White Paper on NETWORK VIRTUALIZATION White Paper on NETWORK VIRTUALIZATION INDEX 1. Introduction 2. Key features of Network Virtualization 3. Benefits of Network Virtualization 4. Architecture of Network Virtualization 5. Implementation Examples

More information

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org 1 Disclaimers This presentation provides education on Cloud Computing and its security

More information

Addressing Data Security Challenges in the Cloud

Addressing Data Security Challenges in the Cloud Addressing Data Security Challenges in the Cloud Coordinate Security. The Need for Cloud Computing Security A Trend Micro White Paper July 2010 I. INTRODUCTION Enterprises increasingly recognize cloud

More information

Evaluation Methodology of Converged Cloud Environments

Evaluation Methodology of Converged Cloud Environments Krzysztof Zieliński Marcin Jarząb Sławomir Zieliński Karol Grzegorczyk Maciej Malawski Mariusz Zyśk Evaluation Methodology of Converged Cloud Environments Cloud Computing Cloud Computing enables convenient,

More information

The Hybrid Cloud: Bringing Cloud-Based IT Services to State Government

The Hybrid Cloud: Bringing Cloud-Based IT Services to State Government The Hybrid Cloud: Bringing Cloud-Based IT Services to State Government October 4, 2009 Prepared By: Robert Woolley and David Fletcher Introduction Provisioning Information Technology (IT) services to enterprises

More information

Software-Defined Networks Powered by VellOS

Software-Defined Networks Powered by VellOS WHITE PAPER Software-Defined Networks Powered by VellOS Agile, Flexible Networking for Distributed Applications Vello s SDN enables a low-latency, programmable solution resulting in a faster and more flexible

More information