Cloud Computing Security in the Tactical Environment the Difference a Year Makes
|
|
- Kerry Mason
- 8 years ago
- Views:
Transcription
1 Cloud Computing Security in the Tactical Environment the Difference a Year Makes Panel Coordinator / Moderator: Noel Ellis (Eli) Johnson Noel_E_Johnson@Raytheon.com This document does not contain technical data as defined by the International Traffic in Arms Regulations, 22 CFR (a), or technology as defined by the Department of Commerce Export Administration Regulations, and is therefore authorized for publication. Copyright Raytheon Company. All rights reserved. 1
2 UNCLASSIFIED Panel Topic & Members Panel Topic: Cloud Computing Security in the Tactical Environment, the Difference a Year Makes Panel Coordinator / Moderator, Noel Ellis (Eli) Johnson Raytheon Sr. Principal Systems Engineer, CISSP-ISSEP, CSSLP, Tactical Communications Solutions, multiple program supports as a Cybersecurity Subject Matter Expert, Dr. Jeff Boleng, Carnegie Mellon University, Software Solutions Division, Software Engineering Institute, Principal Research Scientist Professor; Elisa Bertino, Purdue University, Professor CS, Research Director of CERIAS, Director of Cyber Center, Mr. Randall Brooks, Raytheon, Raytheon Engineering Fellow, Member of the Technical Staff Mr. David A. Smith, Raytheon Certified Architect, Chair Cloud TIG C4I Business Area Technical Lead 2 UNCLASSIFIED
3 UNCLASSIFIED Panel Format Panel Topic: Cloud Computing Security in the Tactical Environment Each panel member will have 3-5 minutes to provide an initial position statement, Discussion based on initial position statements & moderator questions, Half hour will be reserved for questions from the audience, Each panel member will be provided 5 minutes final remarks, Noel Ellis (Eli) Johnson Raytheon Provide the context of challenges and opportunities of Cloud Computing Security in the Tactical Environment Opening position statements. Dr. Jeff Boleng, Carnegie Mellon University, Software Solutions Division, Software Engineering Institute, Professor; Elisa Bertino, Purdue University, Mr. Randall Brooks, Raytheon, Raytheon Engineering Fellow, Mr. David A. Smith, Raytheon Certified Architect, Chair Cloud TIG 3 UNCLASSIFIED
4 What is Cloud Computing? NIST SP , Mell and Grance, 2011 Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models. Essential Characteristics, Rapid Elasticity Resource Pooling Measured Service Broad network access On-demand self-service Service Models Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS) Deployment Models Public Cloud, Hybrid Cloud, Private Cloud, Community Cloud, 4
5 UNCLASSIFIED Cloud Computing Security in the Tactical Environments, Not all Tactical Environments are the Same! Types of Cloud Computing Services Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS), Core Advantages Flexibility, Highly automated, Shared Resources, Increased storage, Pay for what your use, Back up and restoration, Easy installation and maintenance, Core Disadvantages Cost, Limited flexibility, Data security and privacy, Knowledge and integration, Dependence on outside agencies, Network connectivity and bandwidth, Long term stability of service provider, Service unavailability due to a variety of reasons, UNCLASSIFIED 5
6 UNCLASSIFIED USG & DoD Transitioning to the Cloud FedRAMP Federal Risk and Authorization Management Program Cloud computing for USG DoD Cloud Computing Security Requirements Guide (SRG) Version 1, Release 1, 1/13/2015 National Institute of Standards and Technology (NIST) Cloud Computing Strategy working paper, April 2011 USG Cloud Computing Technology Roadmap Volume 1 Release 1.0 (Draft) November 2011 NIST Federal Information Processing Standards (FIPS) and Special Publication (SP) Relevant to Cloud Computing FIPS 199; Minimum Security Requirements for Federal Information and Information Systems NIST SP ; NIST Cloud Computing Standards Roadmap, Version 2.0, July 2013 NIST SP ; NIST Cloud Computing Reference Architecture, September 2011, NIST SP ; Guide for Applying the Risk Management Framework to Federal Information Systems; A Security Life Cycle Approach; NIST SP Rev.4; Security and Privacy Controls for Federal Information systems and Organizations; NIST SP A Rev.3; Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Build Effective Assessment Plans; June 2010; NIST SP ; Guide to Computer Security Log Management; September 2006 NIST SP ; Guide to Security for Full Virtualization Technologies; January 2011 NIST SP ; Information Security Continuous Monitoring for Federal Information Systems and Organizations; September 2011; NIST SP ; Guidelines on Security and Privacy Issues in Public Cloud Computing, December 2011 NIST SP ; The NIST Definition of Cloud Computing; September 2011 NIST SP ; Cloud Computing Synopsis and Recommendations; May 2012 The Transition has begun: Is it secure? Will it meet the goals? UNCLASSIFIED 6
7 UNCLASSIFIED The Solution must address Keep Bad Guys & Malware Out Cloud Computing, COTS & GOTS Device(s) & Types Timely 7 UNCLASSIFIED
8 Introduction & Opening Statement of Panel Member Dr. Jeff Boleng, Carnegie Mellon University, Software Solutions Division, Software Engineering Institute, Cloud Security at the Edge Jeff Boleng, PhD Principal Research Scientist 8
9 Copyright 2015 Carnegie Mellon University and IEEE This material is based upon work funded and supported by the Department of Defense under Contract No. FA C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN AS-IS BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. This material has been approved for public release and unlimited distribution. This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at permission@sei.cmu.edu. DM
10 Jeff Boleng, PhD, CMU/SEI Dr. Jeff Boleng, PhD, Principal Research Scientist, Software Solutions Division, Software Engineering Institute, Carnegie Mellow University Since 2012, Advanced Mobile Systems Team Co-PI of Tactical Computing and Communications and Tactical Analytics research at SEI Research areas: Context Computing, Mobile Ad Hoc Networks, Scientific Computing, Parallel and Distributed Systems BS in CS from US Air Force Academy 1991, MS and PhD from Colorado School of Mines (1997 and 2002) in Mathematical and Computer Sciences 25 years experience as AF Cyber Operation Officer, deployable networks, command post integration, 21 st Mission Support Squadron Commander 8 years on faculty at USAFA as Associate Professor, 4 years as Deputy Computer Science Department Head 10
11 Securing the cloud Tail of two layers Infrastructure Services Securing each is different Infrastructure Largely virtualized Depends on security of every VM Services Secured by numerous external administrators Largest risk to the hypervisor is through poorly secured services 11
12 Securing the Services* Simplify! Simple, well defined, and enforced interfaces Do one thing and do it well -- Doug McIlroy Favor composability over monolithic design Assume components are compromised Use fail-safe/fail-secure design Never implicitly trust the results of another service Always ask What will my service do when it fails? *Note: these ideas aren t new or mine. Thanks to Ken Thompson, Dennis Ritchie, Brian Kernighan, Rob Pike, Doug McIlroy, Eric Raymond and others 12
13 Piping diagram of a Westinghouse Air Brake System
14 Elisha Otis s elevator patent drawing, 15 January
15 Microservice architectures Modular operating system containers Docker and LXC OSv Unikernels and MirageOS CoreOS Intel Clear Containers Small, lightweight, typically single process, multithreaded VMs built with only the OS and library components necessary to support the code implementing the service 15
16 Microservice architectures Our experience on an embedded robotics sensor system OSv with nanomsg and protocol buffers on Xen 12Mb VM on disk, 60Mb VM when running Redis benchmark 30% faster in OSv container No other OS service running (i.e. only 1 or 2 ports open at all) Pros cohesion coupling Forces rigorous commitment to interfaces and standardization Small size on disk and in RAM Faster startup and migration Reduced attack surface and complexity High availability (redundancy, load balancing, fail over) techniques from data center experience directly applicable Cons Timing, network latency, etc. (all the distributed computing challenges) Startup and shutdown orchestration Service discovery 16
17 Simplicity is the ultimate sophistication -Leonardo da Vinci 17
18 Introduction & Opening Statement of Panel Member Professor; Elisa Bertino, Purdue University, Professor CS, Research Director of CERIAS, Director of Cyber Center, Sensor-Cloud: Opportunities and Research Directions Elisa Bertino Purdue University Cyber Center 18
19 Definitions and Conceptual Architecture Military Target Tracking Natural Disaster Relief What is a Sensor-Cloud? An Infrastructure supporting pervasive computation based on: sensors as an interface between physical and cyber worlds the cloud as the cyber backbone the Internet and wireless technologies as the communication medium IoT and NoT These recent trends will further accelerate the deployment of sensor networks and sensor-based applications Drones and UAV The use of these devices will multiply the opportunities for collecting data from (possibly mobile) sensors on-the-ground and for managing these sensors 19
20 Research Directions Network access management Encryption techniques for small devices Sensor software and firmware security Secure sensor localization techniques Provenance techniques for sensors Tools supporting the deployment and monitoring of sensors, and the design of sensor-based data collection applications Data fusion techniques to assess and enhance sensor data trustworthiness Fault-tolerant and reliable continuous data acquisition Efficient sensor streamed data processing techniques Event processing and management Privacy for sensor-based applications and data 20 Diagram from: A. Alamri et al. A Survey on Sensor-Cloud: Architectures, Applications, and Approaches, 2013.
21 Introduction & Opening Statement of Panel Member Mr. Randall Brooks, Raytheon, Raytheon Engineering Fellow, Member of the Technical Staff 21
22 Cloud Application (hosted VM) Cloud Application (hosted VM) App A App A App B App C Host Operating System Cloud Application (hosted VM) Cloud Application (hosted VM) Position Statement Cloud Security is difficult to achieve in a tactical environment. It is faced with connectivity issues, a lack of elasticity and limited Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) providers. SaaS Provider PaaS Server Farm Mobile User IaaS Server Farm Outer Router Firewall Proxy (Deep Packet Inspection) On Prem Server Farm Isolated Services 22
23 Cloud Application (hosted VM) Cloud Application (hosted VM) Cloud Application (hosted VM) Cloud Application (hosted VM) Cloud Computing Essential Characteristics: Rapid Elasticity Resource Pooling Measured Service Broad network access On-demand selfservice NIST SP , Mell and Grance, 2011 PaaS App A App A App B App C Host Operating System Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models. 23
24 Cloud Application (hosted VM) Cloud Application (hosted VM) Cloud Application (hosted VM) Cloud Application (hosted VM) Cloud Computing Models Deployment Models Public Cloud Hybrid Cloud Private Cloud Community Cloud SaaS Provider Service Models Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS) PaaS Server Farm IaaS Server Farm App A App A App B App C Host Operating System 24
25 The Notorious Nine: Cloud Computing Top Threats Data Breaches Data Loss Account Hijacking Insecure APIs Denial of Service Malicious Insiders Abuse of Cloud Services Insufficient Due Diligence Shared Technology Issue 25
26 Introduction & Opening Statement of Panel Member Mr. David A. Smith, Raytheon Certified Architect, Chair Cloud TIG C4I Business Area Technical Lead 26
27 The Power of Cloud Applications (Mobile) User Interface Service Interfaces Service Processing Data Cloud Native Applications are built differently. Stateless services are composed of many separate, identical instances. Instances are added, deleted, and restarted by the application itself based on need. Security is built in, or not, to the application. Cloud Application Designs are Scalable and Resilient when connected 27
28 UNCLASSIFIED The Solution must address Keep Bad Guys & Malware Out Cloud Computing, COTS & GOTS Device(s) & Types Timely 28 UNCLASSIFIED
29 Closing Comments Mr. David A. Smith, Raytheon Certified Architect, Chair Cloud TIG C4I Business Area Technical Lead Mr. Randall Brooks, Raytheon, Raytheon Engineering Fellow, Member of the Technical Staff Professor; Elisa Bertino, Purdue University, Professor CS, Research Director of CERIAS, Director of Cyber Center, Dr. Jeff Boleng, Carnegie Mellon University, Software Solutions Division, Software Engineering Institute, Principal Research Scientist Panel Coordinator / Moderator, Noel Ellis (Eli) Johnson Raytheon Sr. Principal Systems Engineer, 29
30 Questions!! 30
31 Biography Noel Ellis (Eli) Johnson, CISSP-ISSEP, CSSLP Information Systems Security Engineer Business Unit: SAS Location: Fort Wayne Office Phone: Mr. Johnson is a Senior Principal Engineer at Raytheon with over 26 years experience in designing security and information assurance (IA) solutions for the Defense and Commercial Telecommunications markets. Mr. Johnson recently was the Principal Investigator for secure mobility and supports the development and capture of a wide variety of crypto modern solutions for Type 1 applications as an IA subject matter expert. Mr. Johnson holds the following International Information Systems Security Certification Consortium (ISC) 2 certification credentials: Certified Information Systems Security Professional (CISSP) Information Systems Security Engineering Professional (ISSEP) Certified Secure Software Lifecycle Professional (CSSLP) Mr. Johnson supports the International Information Systems Security Certification Consortium (ISC) 2 Information Systems Security Engineering Professional (ISSEP) credential as a volunteer domain expert to perform Job Task Analyses and writes domain related items for the internationally recognized credential examination. 31 Mr. Johnson has published articles relating to Cryptographic Solutions for Mobile Devices and Secure Mobility in 2011 and 2012, presented at MILCOM 2012, panel chair for MILCOM 2014 & MILCOM 2015 relating to Cloud Computing Security.
The Magical Cloud. Lennart Franked. Department for Information and Communicationsystems (ICS), Mid Sweden University, Sundsvall.
The Magical Cloud Lennart Franked Department for Information and Communicationsystems (ICS), Mid Sweden University, Sundsvall. 2014-10-20 Lennart Franked (MIUN IKS) The Magical Cloud 2014-10-20 1 / 35
More informationBuilding Resilient Systems: The Secure Software Development Lifecycle
Building Resilient Systems: The Secure Software Development Lifecycle Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213, PhD Technical Director, CERT mssherman@sei.cmu.edu
More informationMerging Network Configuration and Network Traffic Data in ISP-Level Analyses
Merging Network Configuration and Network Traffic Data in ISP-Level Analyses Timothy J. Shimeall, Ph.D. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Presentation Title
More informationemontage: An Architecture for Rapid Integration of Situational Awareness Data at the Edge
emontage: An Architecture for Rapid Integration of Situational Awareness Data at the Edge Soumya Simanta Gene Cahill Ed Morris Motivation Situational Awareness First responders and others operating in
More informationArchitectural Implications of Cloud Computing
Architectural Implications of Cloud Computing Grace Lewis Research, Technology and Systems Solutions (RTSS) Program Lewis is a senior member of the technical staff at the SEI in the Research, Technology,
More informationMoving Target Reference Implementation
CYBER SECURITY DIVISION 2014 R&D SHOWCASE AND TECHNICAL WORKSHOP Moving Target Reference Implementation Software Engineering Institute, Carnegie Mellon University Andrew O. Mellinger December 17, 2014
More informationSecurity Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
More informationOverview. CMU/SEI Cyber Innovation Center. Dynamic On-Demand High-Performance Computing System. KVM and Hypervisor Security.
KVM and Hypervisor Security David Shepard and Matt Gaston CMU/SEI Cyber Innovation Center February 2012 2012 by Carnegie Mellon University. Published SEI PROPRIETARY INFORMATION. Distribution: Director
More informationAutomated Provisioning of Cloud and Cloudlet Applications
Automated Provisioning of Cloud and Cloudlet Applications Secure and Assured Mobile Computing Components Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Jeff Boleng, PhD
More informationSecurity Model for VM in Cloud
Security Model for VM in Cloud 1 Venkataramana.Kanaparti, 2 Naveen Kumar R, 3 Rajani.S, 4 Padmavathamma M, 5 Anitha.C 1,2,3,5 Research Scholars, 4Research Supervisor 1,2,3,4,5 Dept. of Computer Science,
More informationEast African Information Conference 13-14 th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud?
East African Information Conference 13-14 th August, 2013, Kampala, Uganda Security and Privacy: Can we trust the cloud? By Dr. David Turahi Director, Information Technology and Information Management
More informationSecurity Management of Cloud-Native Applications. Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM)
Security Management of Cloud-Native Applications Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM) 1 Outline Context State-of-the-Art Design Patterns Threats to cloud systems Security
More informationSECURITY MODELS FOR CLOUD 2012. Kurtis E. Minder, CISSP
SECURITY MODELS FOR CLOUD 2012 Kurtis E. Minder, CISSP INTRODUCTION Kurtis E. Minder, Technical Sales Professional Companies: Roles: Security Design Engineer Systems Engineer Sales Engineer Salesperson
More informationExploring the Interactions Between Network Data Analysis and Security Information/Event Management
Exploring the Interactions Between Network Data Analysis and Security Information/Event Management Timothy J. Shimeall CERT Network Situational Awareness (NetSA) Group January 2011 2011 Carnegie Mellon
More informationSecurity & Trust in the Cloud
Security & Trust in the Cloud Ray Trygstad Director of Information Technology, IIT School of Applied Technology Associate Director, Information Technology & Management Degree Programs Cloud Computing Primer
More informationA COALFIRE PERSPECTIVE. Moving to the Cloud. NCHELP Spring Convention Panel May 2012
A COALFIRE PERSPECTIVE Moving to the Cloud A Summary of Considerations for Implementing Cloud Migration Plans into New Business Platforms NCHELP Spring Convention Panel May 2012 DALLAS DENVER LOS ANGELES
More informationWhy Private Cloud? Nenad BUNCIC VPSI 29-JUNE-2015 EPFL, SI-EXHEB
Why Private Cloud? O P E R A T I O N S V I E W Nenad BUNCIC EPFL, SI-EXHEB 1 What Exactly Is Cloud? Cloud technology definition, as per National Institute of Standards and Technology (NIST SP 800-145),
More informationNETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015
NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X
More informationContracting Officer s Representative (COR) Interactive SharePoint Wiki
Contracting Officer s Representative (COR) Interactive SharePoint Wiki James Smith Andy Boyd Software Solutions Conference 2015 November 16 18, 2015 Copyright 2015 Carnegie Mellon University This material
More information2012 CyberSecurity Watch Survey
2012 CyberSecurity Watch Survey Unknown How 24 % Bad is the Insider Threat? 51% 2007-2013 Carnegie Mellon University 2012 Carnegie Mellon University NO WARRANTY THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY
More informationCyber Intelligence Workforce
Cyber Intelligence Workforce Troy Townsend Melissa Kasan Ludwick September 17, 2013 Agenda Project Background Research Methodology Findings Training and Education Project Findings Workshop Results Objectives
More informationINTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS
INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS CLOUD COMPUTING Cloud computing is a model for enabling convenient, ondemand network access to a shared pool of configurable computing
More informationVMware for your hosting services
VMware for your hosting services Anindya Kishore Das 2009 VMware Inc. All rights reserved Everybody talks Cloud! You will eat your cloud and you will like it! Everybody talks Cloud - But what is it? VMware
More informationITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS
ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS Shirley Radack, Editor Computer Security Division Information
More informationCloud Security. DLT Solutions LLC June 2011. #DLTCloud
Cloud Security DLT Solutions LLC June 2011 Contact Information DLT Cloud Advisory Group 1-855-CLOUD01 (256-8301) cloud@dlt.com www.dlt.com/cloud Your Hosts Van Ristau Chief Technology Officer, DLT Solutions
More informationA Secure System Development Framework for SaaS Applications in Cloud Computing
A Secure System Development Framework for SaaS Applications in Cloud Computing Eren TATAR, Emrah TOMUR AbstractThe adoption of cloud computing is ever increasing through its economical and operational
More informationCLOUD TECH SOLUTION AT INTEL INFORMATION TECHNOLOGY ICApp Platform as a Service
CLOUD TECH SOLUTION AT INTEL INFORMATION TECHNOLOGY ICApp Platform as a Service Open Data Center Alliance, Inc. 3855 SW 153 rd Dr. Beaverton, OR 97003 USA Phone +1 503-619-2368 Fax: +1 503-644-6708 Email:
More informationUnmasking Virtualization Security. Eric A. Hibbard, CISSP, CISA Hitachi Data Systems
Eric A. Hibbard, CISSP, CISA Hitachi Data Systems SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA unless otherwise noted. Member companies and individual members may
More informationThe NIST Definition of Cloud Computing
Special Publication 800-145 The NIST Definition of Cloud Computing Recommendations of the National Institute of Standards and Technology Peter Mell Timothy Grance NIST Special Publication 800-145 The NIST
More informationCloud Security Introduction and Overview
Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious
More informationThe NIST Definition of Cloud Computing (Draft)
Special Publication 800-145 (Draft) The NIST Definition of Cloud Computing (Draft) Recommendations of the National Institute of Standards and Technology Peter Mell Timothy Grance NIST Special Publication
More informationSupply-Chain Risk Management Framework
Supply-Chain Risk Management Framework Carol Woody March 2010 Scope of SEI Work Context Significantly reduce the risk (any where in the supply chain) that an unauthorized party can change the behavior
More informationElectricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) (Case Study) James Stevens Senior Member, Technical Staff - CERT Division
Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) (Case Study) James Stevens Senior Member, Technical Staff - CERT Division James Stevens is a senior member of the technical staff
More informationIT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach.
IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach. Gunnar Wahlgren 1, Stewart Kowalski 2 Stockholm University 1: (wahlgren@dsv.su.se), 2: (stewart@dsv.su.se) ABSTRACT
More informationKeyword: Cloud computing, service model, deployment model, network layer security.
Volume 4, Issue 2, February 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com An Emerging
More informationyvette@yvetteagostini.it yvette@yvetteagostini.it
1 The following is merely a collection of notes taken during works, study and just-for-fun activities No copyright infringements intended: all sources are duly listed at the end of the document This work
More informationPanel on Emerging Cyber Security Technologies. Robert F. Brammer, Ph.D., VP and CTO. Northrop Grumman Information Systems.
Panel on Emerging Cyber Security Technologies Robert F. Brammer, Ph.D., VP and CTO Northrop Grumman Information Systems Panel Moderator 27 May 2010 Panel on Emerging Cyber Security Technologies Robert
More informationIs it Time to Trust the Cloud? Unpacking the Notorious Nine
Is it Time to Trust the Cloud? Unpacking the Notorious Nine Jonathan C. Trull, CISO, Qualys Cloud Security Alliance Agenda Cloud Security Model Background on the Notorious Nine Unpacking the Notorious
More informationOWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect
OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud
More informationFuture of Cloud Computing. Irena Bojanova, Ph.D. UMUC, NIST
Future of Cloud Computing Irena Bojanova, Ph.D. UMUC, NIST No Longer On The Horizon Essential Characteristics On-demand Self-Service Broad Network Access Resource Pooling Rapid Elasticity Measured Service
More informationService-Oriented Cloud Automation. White Paper
Service-Oriented Cloud Automation Executive Summary A service-oriented experience starts with an intuitive selfservice IT storefront that enforces process standards while delivering ease and empowerment
More informationDigital Forensics for IaaS Cloud Computing
Digital Forensics for IaaS Cloud Computing June 26, 2012 The views expressed in this presentation are mine alone. Reference to any specific products, process, or service do not necessarily constitute or
More informationConsiderations for Adopting PaaS (Platform as a Service)
Considerations for Adopting PaaS (Platform as a Service) Michael Dolan (mdolan@pivotal.io) Senior Field Engineer April 2015 1 Becoming The Agile Enterprise To effectively achieve its missions, the Department
More informationTopics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted.
Cloud Computing Topics 1. What is the Cloud? 2. What is Cloud Computing? 3. Cloud Service Architectures 4. History of Cloud Computing 5. Advantages of Cloud Computing 6. Disadvantages of Cloud Computing
More informationManagement of Security Information and Events in Future Internet
Management of Security Information and Events in Future Internet Who? Andrew Hutchison 1 Roland Rieke 2 From? 1 T-Systems South Africa 2 Fraunhofer Institute for Secure Information Technology SIT When?
More informationIntel Cloud Builder Guide to Cloud Design and Deployment on Intel Xeon Processor-based Platforms
Intel Cloud Builder Guide to Cloud Design and Deployment on Intel Xeon Processor-based Platforms Enomaly Elastic Computing Platform, * Service Provider Edition Executive Summary Intel Cloud Builder Guide
More informationCourse 20533: Implementing Microsoft Azure Infrastructure Solutions
Course 20533: Implementing Microsoft Azure Infrastructure Solutions Overview About this course This course is aimed at experienced IT Professionals who currently administer their on-premises infrastructure.
More informationWhat Cloud computing means in real life
ITU TRCSL Symposium on Cloud Computing Session 2: Cloud Computing Foundation and Requirements What Cloud computing means in real life Saman Perera Senior General Manager Information Systems Mobitel (Pvt)
More informationVERISIGN DDoS PROTECTION SERVICES CUSTOMER HANDBOOK
HANDBOOK VERISIGN DDoS PROTECTION SERVICES CUSTOMER HANDBOOK CONSIDERATIONS FOR SERVICE ADOPTION Version 1.0 July 2014 VerisignInc.com CONTENTS 1. WHAT IS A DDOS PROTECTION SERVICE? 3 2. HOW CAN VERISIGN
More informationAn Architecture Model of Sensor Information System Based on Cloud Computing
An Architecture Model of Sensor Information System Based on Cloud Computing Pengfei You, Yuxing Peng National Key Laboratory for Parallel and Distributed Processing, School of Computer Science, National
More informationPublic Cloud Security: Surviving in a Hostile Multitenant Environment
Public Cloud Security: Surviving in a Hostile Multitenant Environment SESSION ID: EXP-R01 Mark Russinovich Technical Fellow Windows Azure, Microsoft @markrussinovich The Third Computing Era Security Could
More informationRunning head: TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR 1
Running head: TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR 1 Taking a Deeper Look at the Cloud: Solution or Security Risk? LoyCurtis Smith East Carolina University TAKING A DEEPER LOOK AT THE CLOUD:
More informationPrivate Cloud Database Consolidation with Exadata. Nitin Vengurlekar Technical Director/Cloud Evangelist
Private Cloud Database Consolidation with Exadata Nitin Vengurlekar Technical Director/Cloud Evangelist Agenda Private Cloud vs. Public Cloud Business Drivers for Private Cloud Database Architectures for
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationIntel IT s Cloud Journey. Speaker: [speaker name], Intel IT
Intel IT s Cloud Journey Speaker: [speaker name], Intel IT Accelerating The Corporate IT Journey Cloud enables ubiquitous access to resources and applications, and workload flexibility Cloud IaaS Infrastructure
More informationSuccessfully Deploying Globalized Applications Requires Application Delivery Controllers
SHARE THIS WHITEPAPER Successfully Deploying Globalized Applications Requires Application Delivery Controllers Whitepaper Table of Contents Abstract... 3 Virtualization imposes new challenges on mission
More informationDISTRIBUTED SYSTEMS [COMP9243] Lecture 9a: Cloud Computing WHAT IS CLOUD COMPUTING? 2
DISTRIBUTED SYSTEMS [COMP9243] Lecture 9a: Cloud Computing Slide 1 Slide 3 A style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet.
More informationRising to the Challenge
CYBERSECURITY: Rising to the Challenge Dialogues with Subject Matter Experts Advanced persistent threats. Zero-day attacks. Insider threats. Cybersecurity experts say that if IT leaders are not concerned
More informationSecurity of Payment Card Data on Cloud-Based Mobile Payment Platforms
Security of Payment Card Data on Cloud-Based Mobile Payment Platforms Randy Gainer ACI Forum on Emerging Payment Systems San Francisco March 22, 2013 Topics to be covered Cloud-based mobile payment solutions
More informationHow To Use Elasticsearch
Elasticsearch, Logstash, and Kibana (ELK) Dwight Beaver dsbeaver@cert.org Sean Hutchison shutchison@cert.org January 2015 2014 Carnegie Mellon University This material is based upon work funded and supported
More informationWhat REALLY matters in Cloud Security? RE: Internet of things sensors, data, security and beyond!
What REALLY matters in Cloud Security? RE: Internet of things sensors, data, security and beyond! HOW to best integrate security into the office AND the cloud? And what is a thing is that MORE we have
More informationData Centers and Cloud Computing
Data Centers and Cloud Computing CS377 Guest Lecture Tian Guo 1 Data Centers and Cloud Computing Intro. to Data centers Virtualization Basics Intro. to Cloud Computing Case Study: Amazon EC2 2 Data Centers
More informationPerspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory 7-11-2009
Perspectives on Moving to the Cloud Paradigm and the Need for Standards Peter Mell, Tim Grance NIST, Information Technology Laboratory 7-11-2009 2 NIST Cloud Computing Resources NIST Draft Definition of
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationA Survey on Cloud Security Issues and Techniques
A Survey on Cloud Security Issues and Techniques Garima Gupta 1, P.R.Laxmi 2 and Shubhanjali Sharma 3 1 Department of Computer Engineering, Government Engineering College, Ajmer Guptagarima09@gmail.com
More informationCA Automation Suite for Data Centers
PRODUCT SHEET CA Automation Suite for Data Centers agility made possible Technology has outpaced the ability to manage it manually in every large enterprise and many smaller ones. Failure to build and
More informationRED HAT CONTAINER STRATEGY
RED HAT CONTAINER STRATEGY An introduction to Atomic Enterprise Platform and OpenShift 3 Gavin McDougall Senior Solution Architect AGENDA Software disrupts business What are Containers? Misconceptions
More informationThe Cloud at 30,000 feet. Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations
The Cloud at 30,000 feet Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations Survey: Where s home? How many using cloud computing now? How many thinking of using cloud computing? How
More informationWindows Embedded Security and Surveillance Solutions
Windows Embedded Security and Surveillance Solutions Windows Embedded 2010 Page 1 Copyright The information contained in this document represents the current view of Microsoft Corporation on the issues
More informationCloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org
Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org 1 Disclaimers This presentation provides education on Cloud Computing and its security
More informationCloud Customer Architecture for Web Application Hosting, Version 2.0
Cloud Customer Architecture for Web Application Hosting, Version 2.0 Executive Overview This paper describes vendor neutral best practices for hosting web applications using cloud computing. The architectural
More informationDeploying Public, Private, and Hybrid Storage Clouds. Marty Stogsdill, Oracle
Deploying Public, Private, and Hybrid Storage Clouds Marty Stogsdill, Oracle SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA unless otherwise noted. Member companies
More informationExperiences in Migrations of Legacy Systems
Experiences in Migrations of Legacy Systems Bill Wood, Mike Gagliardi, and Phil Bianco Software Solutions Conference 2015 November 16 18, 2015 Copyright 2015 Carnegie Mellon University This material is
More informationVMware vcloud Powered Services
SOLUTION OVERVIEW VMware vcloud Powered Services VMware-Compatible Clouds for a Broad Array of Business Needs Caught between shrinking resources and growing business needs, organizations are looking to
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationCloud Computing Governance & Security. Security Risks in the Cloud
Cloud Computing Governance & Security The top ten questions you have to ask Mike Small CEng, FBCS, CITP Fellow Analyst, KuppingerCole This Webinar is supported by Agenda What is the Problem? Ten Cloud
More informationImplementing Microsoft Azure Infrastructure Solutions
Course Code: M20533 Vendor: Microsoft Course Overview Duration: 5 RRP: 2,025 Implementing Microsoft Azure Infrastructure Solutions Overview This course is aimed at experienced IT Professionals who currently
More informationSeeing Though the Clouds
Seeing Though the Clouds A PM Primer on Cloud Computing and Security NIH Project Management Community Meeting Mark L Silverman Are You Smarter Than a 5 Year Old? 1 Cloud First Policy Cloud First When evaluating
More informationRemote Voting Conference
Remote Voting Conference Logical Architecture Connectivity Central IT Infra NIST Best reachability in India for R-Voting Initiative 200+ Physical MPLS POPs across India 5 Regional Data Centre at Pune,
More informationIt ain t all fluffy and blue sky out there!
It ain t all fluffy and blue sky out there! Who s this guy? Ward Spangenberg, Director of Security Operations, Zynga Game Network No - I won t whack the Petville boss who just broke into your cafe and
More informationCloud computing: the state of the art and challenges. Jānis Kampars Riga Technical University
Cloud computing: the state of the art and challenges Jānis Kampars Riga Technical University Presentation structure Enabling technologies Cloud computing defined Dealing with load in cloud computing Service
More informationCompliance and Cloud Computing
Compliance and Cloud Computing Balaji Palanisamy Director, Southwest- US Coalfire Systems, Inc. July 24, 2014 Agenda Introduction Cloud Computing Basics Cloud Computing Threats Security vs. Compliance
More informationFACING SECURITY CHALLENGES
24 July 2013 TimeTec Cloud Security FACING SECURITY CHALLENGES HEAD-ON - by Mr. Daryl Choo, Chief Information Officer, FingerTec HQ Cloud usage and trend Cloud Computing is getting more common nowadays
More informationA Systematic Method for Big Data Technology Selection
A Systematic Method for Big Data Technology Selection John Klein Software Solutions Conference 2015 November 16 18, 2015 Copyright 2015 Carnegie Mellon University This material is based upon work funded
More informationSECURITY THREATS TO CLOUD COMPUTING
IMPACT: International Journal of Research in Engineering & Technology (IMPACT: IJRET) ISSN(E): 2321-8843; ISSN(P): 2347-4599 Vol. 2, Issue 3, Mar 2014, 101-106 Impact Journals SECURITY THREATS TO CLOUD
More informationExtending AADL for Security Design Assurance of the Internet of Things
Extending AADL for Security Design Assurance of the Internet of Things Presented by Rick Kazman, PhD Team: Carol Woody (PI), Rick Kazman, Robert Ellison, John Hudak, Allen Householder Software Engineering
More informationInformation Auditing and Governance of Cloud Computing IT Capstone 4444 - Spring 2013 Sona Aryal Laura Webb Cameron University.
Information Auditing and Governance of Cloud Computing IT Capstone 4444 - Spring 2013 Sona Aryal Laura Webb Cameron University P a g e 1 P a g e 2 Table of Contents Abstract... 3 Introduction... 3 Previous
More informationTop 10 Cloud Risks That Will Keep You Awake at Night
Top 10 Cloud Risks That Will Keep You Awake at Night Shankar Babu Chebrolu Ph.D., Vinay Bansal, Pankaj Telang Photo Source flickr.com .. Amazon EC2 (Cloud) to host Eng. Lab testing. We want to use SalesForce.com
More informationWindows Azure Platform
Windows Azure Platform Giordano Tamburrelli, PhD giotam@microsoft.com Academic Developer Evangelist Slides by David Chou You manage You manage You manage Types of Clouds Private (On-Premise) Infrastructure
More informationIntel Ethernet Switch Load Balancing System Design Using Advanced Features in Intel Ethernet Switch Family
Intel Ethernet Switch Load Balancing System Design Using Advanced Features in Intel Ethernet Switch Family White Paper June, 2008 Legal INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL
More informationCloud Essentials for Architects using OpenStack
Cloud Essentials for Architects using OpenStack Course Overview Start Date 18th December 2014 Duration 2 Days Location Dublin Course Code SS906 Programme Overview Cloud Computing is gaining increasing
More informationEmerging Approaches in a Cloud-Connected Enterprise: Containers and Microservices
Emerging Approaches in a -Connected Enterprise: Containers and Microservices Anil Karmel Co-Founder and CEO, C2 Labs Co-Chair, NIST Security Working Group akarmel@c2labs.com @anilkarmel Emerging Technologies
More informationCloud Models and Platforms
Cloud Models and Platforms Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF A Working Definition of Cloud Computing Cloud computing is a model
More informationCloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University
Cloud Computing: Opportunities, Challenges, and Solutions Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University What is cloud computing? What are some of the keywords? How many of you cannot
More informationCloud Security for Federal Agencies
Experience the commitment ISSUE BRIEF Rev. April 2014 Cloud Security for Federal Agencies This paper helps federal agency executives evaluate security and privacy features when choosing a cloud service
More informationSecuring and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer
Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer What is Cloud Computing A model for enabling convenient, on-demand network access to a shared pool of configurable
More informationRequirements Engineering for SaaS Application Security in Cloud Using SQUARE Methodology
Requirements Engineering for SaaS Application Security in Cloud Using SQUARE Methodology E. Pragnavi J. Sandeep Kumar Assistant Professor, Product Technical Lead, Dept. of CSE, UCE, Infosys, Hyderabad
More informationU.S. HOUSE OF REPRESENTATIVES SUBCOMMITTEE ON TECHNOLOGY AND INNOVATION COMMITTEE ON SCIENCE, SPACE, AND TECHNOLOGY HEARING CHARTER
U.S. HOUSE OF REPRESENTATIVES SUBCOMMITTEE ON TECHNOLOGY AND INNOVATION COMMITTEE ON SCIENCE, SPACE, AND TECHNOLOGY HEARING CHARTER The Next IT Revolution?: Cloud Computing Opportunities and Challenges
More informationHow To Protect Your Cloud Computing Resources From Attack
Security Considerations for Cloud Computing Steve Ouzman Security Engineer AGENDA Introduction Brief Cloud Overview Security Considerations ServiceNow Security Overview Summary Cloud Computing Overview
More information