Management of Security Information and Events in Future Internet
|
|
- Cleopatra Scott
- 8 years ago
- Views:
Transcription
1 Management of Security Information and Events in Future Internet Who? Andrew Hutchison 1 Roland Rieke 2 From? 1 T-Systems South Africa 2 Fraunhofer Institute for Secure Information Technology SIT When? CS-GA 2011
2 Overview Changes and developments Vision Challenges Solutions and implied RTD needs Management of Security Information and Events (SIEM) in Future Internet (FI) New opportunities & new risks Security, resilience, privacy Current and future research
3 Security Information and Event Management Systems Product oriented view SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. SIEM solutions come as software, appliances or managed services, and are also used to log security data and generate reports for compliance purposes. (Wikipedia, May 2011)
4 Systems Come in Threes!... a judgemental system, is involved in determining whether any particular activity (or inactivity) of a system in a given environment constitutes or would constitute - from its viewpoint - a failure. (Brian Randell, IFIP WG 10.4, Guadeloupe, 2007) judgemental system system environment
5 Changes and developments Future Internet (FI) is driving a complete re-think of the paradigm whereby organisations deploy and manage their own services and infrastructure *National Institute of Standards and Technology (NIST) Service Models Deployment Models customers Cloud applications SaaS Cloud platforms PaaS Public Clouds: Resources and Services from the Internet App Hybrid Clouds: The best of both worlds Private Clouds: Resources and Community services from secure Clouds: sources Platfor groups Characteristics m * self services access Infrastructu Rapid elasticity service re Source: T-Systems Fro special interest Cloud infrastructures Broad IaaS On demand network Services get outsourced into clouds Measured Resource pooling Infrastructures evolve hybrid - real & virtual & spread across administrative domains and physical sites
6 Changes and developments Cyber-physical Systems of Systems (SoS) get connected to the Internet Smart Grid IoT Car-to-X Use of meshed wireless communication structures > physical actuators get in reach of attackers Source: MASSIF project (Epsilon)
7 Vision Services & infrastructure in clouds leads to deployment of SIEM in clouds Internet Cloud Mail Content Management: SOC e.g. Anti-Virus, Anti-Spam Router Mail Relay Firewall & IPS Internet Gateway Firewall & IPS Firewall & IPS Internet Gateway Router Remote Proxy Server Internet Content Authentication Management: Server e.g. URL Filtering Security Operations Centre Monitoring Event Vulnerability Correlator Analysis Local Authentication Server Security Update Repository HIPS Anti-Virus Anti-Spyware Disk Encryption Campus/Remote Site Firewall & Firewall & IPS Identity IPS Servers Mail Server Management Site Router Data Centre Router HIPS Security Anti-Virus Management Anti-Virus Anti-Spam Anti-Spyware Data Centre Source: T-Systems Managed SIEM Today, multiple sources are collected centrally within the realm of the provider organisation
8 Vision Services & infrastructure in clouds leads to deployment of SIEM in clouds Source: T-Systems Future SIEM Scalable, inter-organisational, cross-level
9 Vision New opportunities Inter-organisational analyses are possible Adaptive countermeasures SaaS PaaS IaaS and new Risks Privacy and integrity of the events of any particular company Virtualisation layers introduce new vulnerabilities IoT enables new remote attacks against critical services & infrastructures
10 Vision New opportunities Inter-organisational analyses are possible Adaptive countermeasures SaaS PaaS IaaS and new Risks Privacy and integrity of the events of any particular company Virtualisation layers introduce new vulnerabilities IoT enables new remote attacks against critical services & infrastructures
11 Vision New SIEM deployment entails different thinking about the revenue model Source: T-Systems
12 Challenges Security, resilience, privacy Security for cloud applications & service infrastructures Intrusion tolerance, self-protection and self-healing QoS guarantees to ensure reliable and timeous arrival of security event information from the sensors The debate on Internet net-neutrality could also refer here since there could be a case for expediting control traffic such as SIEM event feeds New cryptographic techniques enabling processing of data in a privacy-preserving manner
13 Challenges High-level situational security awareness Application Attacker SaaS PaaS IaaS SIEM reasoning Resource Provide cross-layer, cross-domain security information given that the cloud hides technical delivery of the service from the SIEM provider (typically increasing for higher level services) SIEM needs limited transparency
14 Challenges High-level situational security awareness Application Attacker SaaS PaaS IaaS SIEM reasoning Resource Provide cross-layer, cross-domain security information given that the cloud hides technical delivery of the service from the SIEM provider (typically increasing for higher level services) SIEM needs limited transparency
15 Challenges Adaptive response Security Event Abstraction Process Model Attack Model Predictive analysis of upcoming security problems given that customers have no insights on risk mitigation mechanisms of cloud providers and overall status Anticipatory impact analysis & decision support Technical but also legal challenges
16 Solutions and implied RTD needs Resilient, trust-enabling SIEM architecture Unforgeability provisions Authenticated component event reporting Information flow defense Trustworthy event collection Trusted collection of security-relevant data from highly heterogeneous trusted networked devices (IoT) Resilient Internet-based backbone communication
17 Solutions and implied RTD needs Scalable security situation assessment Service Infrastructure SOI Events Network Devices Service Infrastructure SOI Logs Authentication Devices Authentication Events Security Devices Network Events Security Events Event Collection Event Processing Engine Event Correlation Languages External Language Events Internal Language Events Alarms Scalable distribution of acquisition & parallel processing Seamless function splitting core engines/edge collectors Parallel data streaming to SIEM in clouds Multi-level, multi-domain security event processing
18 Solutions and implied RTD needs Cross-layer reasoning & mitigation Predictive Alerts Countermeasure Evaluation Process Simulation Engine Attack Simulation Engine Multi-level security event modelling aims at a holistic solution to protect service infrastructures of FI Predictive security monitoring enables to fight attacks proactively by predicting their future actions Adaptive configuration of policies & countermeasures
19 A platform around which these thoughts are crystallizing! Multi-domain parallel-running processes Olympic Games Highly-scalable, dependable and multi-level event collection Predictive security analysis Multi-level security event modeling Alert and reaction generation Trustworthy event collection Actions and Countermeasures Languages Mobile money transfer service EVENTS POLICIES RELATIONS REACTIONS Security analysis and notification CI Process Control (Dam) Multi-level event correlation Process and attack simulation Resilient framework architecture Security-aware processes Managed Enterprise Service Infrastructures Event and Information Collection Event, Process Models and Attack Models Scenarios Prototypes Resilient event processing and integration Advanced SIEM Framework
20 Conclusions Changes and developments Vision Challenges Solutions and implied RTD needs FI is driving a complete re-think of the paradigm whereby organisations deploy and manage their own services and infrastructure Cyber-physical SoS get connected to the Internet Services & infrastructure in clouds leads to deployment of SIEM in clouds New opportunities and revenue models & new risks Security, resilience, privacy High-level situational security awareness Adaptive response Resilient, trust-enabling SIEM architecture Scalable security situation assessment Cross-layer reasoning & mitigation judgemental system system environment
21 Landscape of European Security Projects Source: Frances Cleary (EFFECTS+ project)
PRIVACY IMPLICATIONS FOR NEXT GENERATION SIEMs AND OTHER META-SYSTEMS
PRIVACY IMPLICATIONS FOR NEXT GENERATION SIEMs AND OTHER META-SYSTEMS www.massif-project.eu Dr Andrew Hutchison T-Systems (andrew.hutchison@t-systems.com) MAanagement of Security information and events
More informationMASSIF: A Promising Solution to Enhance Olympic Games IT Security
MAnagementof Security information and events in Service InFrastructures MASSIF: A Promising Solution to Enhance Olympic Games IT Security 7th ICGS3 / 4th e-democracy Joint Conferences 2011 August 25 th
More informationEnhancing Security and Trustworthiness with Next-Generation Security Information and Event Management
WHITE PAPER Enhancing Security and Trustworthiness with Next-Generation Security Information and Event Management June 2012 MASSIF is a project co-funded under contract FP7-257475 of the Seventh Framework
More informationSecurity Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
More informationCAPABILITY STATEMENT
WHO WE ARE UberGlobal Enterprise is the dedicated government and enterprise business division of Australian web service provider, UberGlobal. UberGlobal was founded through the merger of a number of medium
More informationTrust areas: a security paradigm for the Future Internet
Trust areas: a security paradigm for the Future Internet Carsten Rudolph Fraunhofer Institute for Secure Information Technology SIT Rheinstrasse 75, Darmstadt, Germany Carsten.Rudolph@sit.fraunhofer.de
More informationUnified Threat Management, Managed Security, and the Cloud Services Model
Unified Threat Management, Managed Security, and the Cloud Services Model Kurtis E. Minder CISSP Global Account Manager - Service Provider Group Fortinet, Inc. Introduction Kurtis E. Minder, Technical
More informationTENDER NOTICE No. UGVCL/SP/III/608/GPRS Modem Page 1 of 6. TECHNICAL SPECIFICATION OF GPRS based MODEM PART 4
TENDER NOTICE No. UGVCL/SP/III/608/GPRS Modem Page 1 of 6 TECHNICAL SPECIFICATION OF GPRS based MODEM PART 4 Cloud services (Data Centre) and related Functional requirement Cloud services as a Control
More informationChapter 11 Cloud Application Development
Chapter 11 Cloud Application Development Contents Motivation. Connecting clients to instances through firewalls. Chapter 10 2 Motivation Some of the questions of interest to application developers: How
More informationNETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015
NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X
More informationCHAPTER 8 CLOUD COMPUTING
CHAPTER 8 CLOUD COMPUTING SE 458 SERVICE ORIENTED ARCHITECTURE Assist. Prof. Dr. Volkan TUNALI Faculty of Engineering and Natural Sciences / Maltepe University Topics 2 Cloud Computing Essential Characteristics
More informationSecurity Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net
Security Frameworks An Enterprise Approach to Security Robert Belka Frazier, CISSP belka@att.net Security Security is recognized as essential to protect vital processes and the systems that provide those
More informationUsing MASSIF to Protect a Critical Infrastructure: Dam Use Case
Using MASSIF to Protect a Critical Infrastructure: Dam Use Case Luigi Coppolino Epsilon Srl Advanced Security Event Management of Complex Systems CSP EU FORUM 24 th -25 th April, Berlin, Germany www.massif-project.eu
More informationTable of Contents. Abstract... Error! Bookmark not defined. Chapter 1... Error! Bookmark not defined. 1. Introduction... Error! Bookmark not defined.
Table of Contents Abstract... Error! Bookmark not defined. Chapter 1... Error! Bookmark not defined. 1. Introduction... Error! Bookmark not defined. 1.1 Cloud Computing Development... Error! Bookmark not
More informationOffer Highly Available SAAS Solutions with Huawei. Huang Li Executive Vice President of isoftstone
Offer Highly Available SAAS Solutions with Huawei Huang Li Executive Vice President of isoftstone Contents Contents 1 2 3 4 5 6 7 Significance of SMEs in Urban Development SME Status Quo IT Capabilities
More informationManaging Cloud Computing Risk
Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify
More informationCloud Computing Technology
Cloud Computing Technology The Architecture Overview Danairat T. Certified Java Programmer, TOGAF Silver danairat@gmail.com, +66-81-559-1446 1 Agenda What is Cloud Computing? Case Study Service Model Architectures
More informationOverview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin
Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director
More informationA Resilient Protection Device for SIEM Systems
A Resilient Protection Device for SIEM Systems Nuno Neves University of Lisboa, Portugal http://www.di.fc.ul.pt/~nuno Work with: Alysson Bessani, Miguel Garcia, Eric Vial, Ricardo Fonseca, Paulo Veríssimo
More informationCloud and Regulations: A match made in heaven, or the worst blind date ever?
Cloud and Regulations: A match made in heaven, or the worst blind date ever? Vinod S Chavan Director Industry Cloud Solutions, IBM Cloud October 28, 2015 Customers are faced with challenge of balancing
More informationChapter 2: Transparent Computing and Cloud Computing. Contents of the lecture
Chapter 2: Transparent Computing and Computing Lecture 2 透 明 计 算 与 云 计 算 的 关 联 Prof. Zixue Cheng 程 子 学 University of Aizu, 会 津 大 学 Visiting Professor of CSU 1 Contents of the lecture Definition, Architecture
More informationThales Communications Perspectives to the Future Internet 2 nd June 2010 - Luxembourg
Thales Communications Perspectives to the Future Internet 2 nd June 2010 - Luxembourg Challenges of Future Internet Internet as a starting point Was defined for asynchronous services (web pages, file transfer
More informationClavister InSight TM. Protecting Values
Clavister InSight TM Clavister SSP Security Services Platform firewall VPN termination intrusion prevention anti-virus anti-spam content filtering traffic shaping authentication Protecting Values & Enterprise-wide
More informationSecuring the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation
Securing the Cloud with IBM Security Systems 1 2012 2012 IBM IBM Corporation Corporation IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns
More informationBUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports
BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports Building a Security Operation Center Agenda: Auditing Your Network Environment Selecting Effective Security
More informationIBM 000-281 EXAM QUESTIONS & ANSWERS
IBM 000-281 EXAM QUESTIONS & ANSWERS Number: 000-281 Passing Score: 800 Time Limit: 120 min File Version: 58.8 http://www.gratisexam.com/ IBM 000-281 EXAM QUESTIONS & ANSWERS Exam Name: Foundations of
More informationA Secure Strategy using Weighted Active Monitoring Load Balancing Algorithm for Maintaining Privacy in Multi-Cloud Environments
IJSTE - International Journal of Science Technology & Engineering Volume 1 Issue 10 April 2015 ISSN (online): 2349-784X A Secure Strategy using Weighted Active Monitoring Load Balancing Algorithm for Maintaining
More informationWHITE PAPER SPLUNK SOFTWARE AS A SIEM
SPLUNK SOFTWARE AS A SIEM Improve your security posture by using Splunk as your SIEM HIGHLIGHTS Splunk software can be used to operate security operations centers (SOC) of any size (large, med, small)
More informationOptimizing Service Levels in Public Cloud Deployments
WHITE PAPER OCTOBER 2014 Optimizing Service Levels in Public Cloud Deployments Keys to Effective Service Management 2 WHITE PAPER: OPTIMIZING SERVICE LEVELS IN PUBLIC CLOUD DEPLOYMENTS ca.com Table of
More informationINTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS
INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS CLOUD COMPUTING Cloud computing is a model for enabling convenient, ondemand network access to a shared pool of configurable computing
More informationVortex White Paper. Simplifying Real-time Information Integration in Industrial Internet of Things (IIoT) Control Systems
Vortex White Paper Simplifying Real-time Information Integration in Industrial Internet of Things (IIoT) Control Systems Version 1.0 February 2015 Andrew Foster, Product Marketing Manager, PrismTech Vortex
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationThe Advantages of Security as a Service versus On-Premise Security
The Advantages of Security as a Service versus On-Premise Security ABSTRACT: This document explores the growing trend of hosted/managed security as a service and why the cloud is quickly becoming the preferred
More informationPerformance Evaluation of Intrusion Detection Systems
Performance Evaluation of Intrusion Detection Systems Waleed Farag & Sanwar Ali Department of Computer Science at Indiana University of Pennsylvania ABIT 2006 Outline Introduction: Intrusion Detection
More informationMany network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes.
RimApp RoadBLOCK goes beyond simple filtering! Many network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes. However, traditional
More informationPublic, Private, Hybrid:
Public, Private, Hybrid: How to Use the Cloud for More Effective Security Symantec and Cloud Computing Ron Poserina, Director of Systems Engineering Agenda Our Perspective on Cloud Computing Why Cloud
More informationSolution for Virtualization to Ensure Optimal Network Security Environment
Solution for Virtualization to Ensure Optimal Network Security Environment Shoji Kohira Kenji Mitsuhashi Shuji Yahiro Shinichi Ikeda The Internet became widely diffused once the Internet Protocol (IP)
More informationState of Security Monitoring of Public Cloud
State of Security Monitoring of Public Cloud Shittu O. Shittu Enterprise Security Architect, BP Enterprise Security Architect, trainline.com Director and Principal Consultant, TRAIS Mavens Ltd Highlights
More informationEssential Characteristics of Cloud Computing: On-Demand Self-Service Rapid Elasticity Location Independence Resource Pooling Measured Service
Cloud Computing Although cloud computing is quite a recent term, elements of the concept have been around for years. It is the maturation of Internet. Cloud Computing is the fine end result of a long chain;
More informationWAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales
WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationCALNET 3 Category 7 Network Based Management Security. Table of Contents
State of California IFB STPD 12-001-B CALNET 3 Category 7 Network Based Security Table of Contents 7.2.1.4.a DDoS Detection and Mitigation Features... 1 7.2.2.3 Email Monitoring Service Features... 2 7.2.3.2
More informationModule 1: Facilitated e-learning
Module 1: Facilitated e-learning CHAPTER 3: OVERVIEW OF CLOUD COMPUTING AND MOBILE CLOUDING: CHALLENGES AND OPPORTUNITIES FOR CAs... 3 PART 1: CLOUD AND MOBILE COMPUTING... 3 Learning Objectives... 3 1.1
More informationEnterprise Application Enablement for the Internet of Things
Enterprise Application Enablement for the Internet of Things Prof. Dr. Uwe Kubach VP Internet of Things Platform, P&I Technology, SAP SE Public Internet of Things (IoT) Trends 12 50 bn 40 50 % Devices
More informationSecurity and Reliability Requirements for Advanced Security Event Management
c 2012 Springer-Verlag. This is an author-created version of the work with DOI: 10.1007/978-3-642-33704-8 15. The original publication is available at www.springerlink.com. http://link.springer.com/chapter/10.1007%2f978-3-642-33704-8_15
More informationTHE BLUENOSE SECURITY FRAMEWORK
THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program
More informationTopics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted.
Cloud Computing Topics 1. What is the Cloud? 2. What is Cloud Computing? 3. Cloud Service Architectures 4. History of Cloud Computing 5. Advantages of Cloud Computing 6. Disadvantages of Cloud Computing
More informationThe Education Fellowship Finance Centralisation IT Security Strategy
The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and
More informationFederal Aviation Administration. efast. Cloud Computing Services. 25 October 2012. Federal Aviation Administration
efast Cloud Computing Services 25 October 2012 1 Bottom Line Up Front The FAA Cloud Computing Vision released in 2012 identified the agency's road map to meet the Cloud First Policy efast must provide
More informationAbstract 1. INTRODUCTION
Abstract CLOUD COMPUTING GauravBawa & Sheena Girdhar DAV Institute of Engineering and Technology, Jalandhar Email: gaurav.daviet@yahoo.com, sheenagirdhar@gmail.com Contact Numbers: 09417614654,09914658188
More informationThe Private Cloud Your Controlled Access Infrastructure
White Paper: Private Clouds The ongoing debate on the differences between a Public and Private Cloud are broad and often loud. The bottom line is that it s really about how the resource, or computing power,
More informationKeyword: Cloud computing, service model, deployment model, network layer security.
Volume 4, Issue 2, February 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com An Emerging
More informationGabriel Coimbra Research & Consulting Director IDC Portugal. Porto, 29 de Maio 2008. www.idc.com
IT Security Market Overview Gabriel Coimbra Research & Consulting Director IDC Portugal Porto, 29 de Maio 2008 www.idc.com Agenda Market context IT Security context CSO Agenda IT Security market Conclusion
More informationPlanning in Transport and Logistics Future Internet Solutions for Improved Integration and Collaboration
Planning in Transport and Logistics Future Internet Solutions for Improved Integration and Collaboration Prof. Dr. Rod Franklin, P.E. Vice President, Product Development Kuehne + Nagel Management AG Adjunct
More informationWhy Private Cloud? Nenad BUNCIC VPSI 29-JUNE-2015 EPFL, SI-EXHEB
Why Private Cloud? O P E R A T I O N S V I E W Nenad BUNCIC EPFL, SI-EXHEB 1 What Exactly Is Cloud? Cloud technology definition, as per National Institute of Standards and Technology (NIST SP 800-145),
More informationAlienVault Unified Security Management (USM) 4.x-5.x. Deployment Planning Guide
AlienVault Unified Security Management (USM) 4.x-5.x Deployment Planning Guide USM 4.x-5.x Deployment Planning Guide, rev. 1 Copyright AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,
More informationChapter 1: Introduction
Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure
More informationCloud Computing; What is it, How long has it been here, and Where is it going?
Cloud Computing; What is it, How long has it been here, and Where is it going? David Losacco, CPA, CIA, CISA Principal January 10, 2013 Agenda The Cloud WHAT IS THE CLOUD? How long has it been here? Where
More informationSeamless ICT Infrastructure Security.
Seamless ICT Infrastructure Security. Integrated solutions from a single source. Effective protection requires comprehensive measures. Global networking has practically removed all borders in the exchange
More informationProduct Factsheet MANAGED SECURITY SERVICES - FIREWALLS - FACT SHEET
Product Factsheet MANAGED SECURITY SERVICES - FIREWALLS - FACT SHEET ELITE S NEXT GENERATION MANAGED SECURITY SERVICES Security risks to business information systems are expanding at a rapid rate; often,
More informationVPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu
VPN Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining
More informationA Model-based Methodology for Developing Secure VoIP Systems
A Model-based Methodology for Developing Secure VoIP Systems Juan C Pelaez, Ph. D. November 24, 200 VoIP overview What is VoIP? Why use VoIP? Strong effect on global communications VoIP will replace PSTN
More informationCloud Computing, and REST-based Architectures Reid Holmes
Material and some slide content from: - Software Architecture: Foundations, Theory, and Practice - Krzysztof Czarnecki Cloud Computing, and REST-based Architectures Reid Holmes Cloud precursors Grid Computing:
More informationGOOD PRACTICE GUIDE 13 (GPG13)
GOOD PRACTICE GUIDE 13 (GPG13) GPG13 - AT A GLANCE Protective Monitoring (PM) is based on Good Practice Guide 13 Comprises of 12 sections called Proactive Monitoring Controls 1-12 Based on four Recording
More informationPayment Card Industry Data Security Standard
Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security
More informationCisco Remote Management Services for Security
Cisco Remote Management Services for Security Innovation: Many Take Advantage of It, Some Strive for It, Cisco Delivers It. Cisco Remote Management Services (RMS) for Security provide around the clock
More informationWeb Application Hosting Cloud Architecture
Web Application Hosting Cloud Architecture Executive Overview This paper describes vendor neutral best practices for hosting web applications using cloud computing. The architectural elements described
More information1.1.1 Introduction to Cloud Computing
1 CHAPTER 1 INTRODUCTION 1.1 CLOUD COMPUTING 1.1.1 Introduction to Cloud Computing Computing as a service has seen a phenomenal growth in recent years. The primary motivation for this growth has been the
More informationImplementing Cisco IOS Network Security
Implementing Cisco IOS Network Security IINS v3.0; 5 Days, Instructor-led Course Description Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles
More informationNCTA Cloud Architecture
NCTA Cloud Architecture Course Specifications Course Number: 093019 Course Length: 5 days Course Description Target Student: This course is designed for system administrators who wish to plan, design,
More informationGrid Computing Vs. Cloud Computing
International Journal of Information and Computation Technology. ISSN 0974-2239 Volume 3, Number 6 (2013), pp. 577-582 International Research Publications House http://www. irphouse.com /ijict.htm Grid
More informationSecurity of Cloud Computing for the Power Grid
ANNUAL INDUSTRY WORKSHOP NOVEMBER 12-13, 2014 Security of Cloud Computing for the Power Grid Industry Panel November 12, 2014 UNIVERSITY OF ILLINOIS DARTMOUTH COLLEGE UC DAVIS WASHINGTON STATE UNIVERSITY
More informationDISTRIBUTED SYSTEMS [COMP9243] Lecture 9a: Cloud Computing WHAT IS CLOUD COMPUTING? 2
DISTRIBUTED SYSTEMS [COMP9243] Lecture 9a: Cloud Computing Slide 1 Slide 3 A style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet.
More informationCloud Computing Security Issues And Methods to Overcome
Cloud Computing Security Issues And Methods to Overcome Manas M N 1, Nagalakshmi C K 2, Shobha G 3 MTech, Computer Science & Engineering, RVCE, Bangalore, India 1,2 Professor & HOD, Computer Science &
More informationPlant Software in the Cloud Fact vs. Myth
Plant Software in the Cloud Fact vs. Myth Andy Chatha President ARC Advisory Group AChatha@ARCweb.com Manufacturing Performance Improvement Levers Systems People Processes Information Things 2 Transformational
More informationSecurity Coordination with IF-MAP
Security Coordination with IF-MAP Matt Webster, Lumeta 28 Sept 2010 Copyright 2010 Trusted Computing Group Agenda Threat Landscape and Federal Networks Recap of TNC Explanation of IF-MAP What is IF-MAP?
More informationCyberoam Perspective BFSI Security Guidelines. Overview
Overview The term BFSI stands for Banking, Financial Services and Insurance (BFSI). This term is widely used to address those companies which provide an array of financial products or services. Financial
More informationNetwork Security Administrator
Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze
More informationLeading The World Into Connected Security. Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA
Leading The World Into Connected Security Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA History of Defining Largest Dedicated Delivering a Next Generation Architecture
More informationThe Internet of ANYthing
The of ANYthing Abstract It is projected that by 2020 there will be 50 billion things connected to the. This presents both unprecedented opportunity and challenge. In the global network of things, new
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationFour Top Emagined Security Services
Four Top Emagined Security Services. www.emagined.com Emagined Security offers a variety of Security Services designed to support growing security needs. This brochure highlights four key Emagined Security
More informationEnabling the SmartGrid through Cloud Computing
Enabling the SmartGrid through Cloud Computing April 2012 Creating Value, Delivering Results 2012 eglobaltech Incorporated. Tech, Inc. All rights reserved. 1 Overall Objective To deliver electricity from
More informationBuilding More Reliable Cloud Services The CUMULUS Project
Building More Reliable Cloud Services The CUMULUS Project Antonio Álvarez Romero aalvarez@wtelecom.es London, 17 th June 2014 1 Table of contents Motivations Goals to be achieved What is CUMULUS? Application
More informationCLOUD COMPUTING IN RURAL EDUCATIONAL SECTOR:ENLIGHTENING BENEFITS AND CHALLENGES
International Journal of Computer Science Engineering and Information Technology Research (IJCSEITR) ISSN 2249-6831 Vol. 3, Issue 2, Jun 2013, 317-322 TJPRC Pvt. Ltd. CLOUD COMPUTING IN RURAL EDUCATIONAL
More informationSteve Lusk Alex Amirnovin Tim Collins
Steve Lusk Alex Amirnovin Tim Collins ViaSat Inc. Cyber-intrusion Auto-response and Policy Management System (CAPMS) Cybersecurity for Energy Delivery Systems Peer Review August 5-6, 2014 Summary: Cyber-intrusion
More informationCloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC
Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC www.fmsinc.org 1 2015 Financial Managers Society, Inc. Cloud Security Implications
More informationInjazat s Managed Services Portfolio
Injazat s Managed Services Portfolio Overview Premium Managed Services to Transform Your IT Environment Injazat s Premier Tier IV Data Center is built to offer the highest level of security and reliability.
More informationHow To Protect Your Cloud From Attack
A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to
More informationIT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011
IT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011 Cloud Basics Cloud Basics The interesting thing about cloud computing is that we've redefined cloud computing to include everything
More informationSecure Cloud Computing
Secure Cloud Computing Agenda Current Security Threat Landscape Over View: Cloud Security Overall Objective of Cloud Security Cloud Security Challenges/Concerns Cloud Security Requirements Strategy for
More informationyvette@yvetteagostini.it yvette@yvetteagostini.it
1 The following is merely a collection of notes taken during works, study and just-for-fun activities No copyright infringements intended: all sources are duly listed at the end of the document This work
More informationLearning Management Redefined. Acadox Infrastructure & Architecture
Learning Management Redefined Acadox Infrastructure & Architecture w w w. a c a d o x. c o m Outline Overview Application Servers Databases Storage Network Content Delivery Network (CDN) & Caching Queuing
More informationFundamental Concepts and Models
Fundamental Concepts and Models 1 1. Roles and Boundaries Could provider The organization that provides the cloud based IT resources Cloud consumer An organization (or a human) that has a formal contract
More informationThe High Availability and Resiliency of the Pertino Cloud Network Engine
The High Availability and Resiliency of the Pertino Cloud Network Engine Executive summary The emergence of cloud network architectures can be directly attributed to the evolution of business IT. As the
More informationA HELPING HAND TO PROTECT YOUR REPUTATION
OVERVIEW SECURITY SOLUTIONS A HELPING HAND TO PROTECT YOUR REPUTATION CONTENTS INFORMATION SECURITY MATTERS 01 TAKE NOTE! 02 LAYERS OF PROTECTION 04 ON GUARD WITH OPTUS 05 THREE STEPS TO SECURITY PROTECTION
More informationAgenda. Understanding of Firewall s definition and Categorization. Understanding of Firewall s Deployment Architectures
Firewall Agenda Unit 1 Understanding of Firewall s definition and Categorization Unit 2 Understanding of Firewall s Deployment Architectures Unit 3 Three Representative Firewall Deployment Examples in
More informationSwisscom Cloud. Building a secure cloud. SIGS, 09.09.2014 Christof Jungo
Swisscom Cloud Building a secure cloud SIGS, 09.09.2014 Christof Jungo Cloud What is changing? 2 Enterprise Datacenter High secure tier 3 & 4 Server typ Processor architecture: various Baremetal & virtual
More informationInformation Technology Policy
Information Technology Policy Security Information and Event Management Policy ITP Number Effective Date ITP-SEC021 October 10, 2006 Category Supersedes Recommended Policy Contact Scheduled Review RA-ITCentral@pa.gov
More information