Seed4C: Secured Embedded Element and Data privacy for Cloud federation
|
|
- Margery Hopkins
- 8 years ago
- Views:
Transcription
1 Seed4C: Secured Embedded Element and Data privacy for Cloud federation Eddy Caron, Sylvain Gault, Arnaud Lefray, Jonathan Rouzaud-Cornabas, Guillaume Verger, Yulin Zhang and The Seed4C consortium WG Avalon February, 12th. 2015
2 Seed4C [UGB April, 16th. 2013] 2 Cloud Computing
3 What s about Security in this new distributed world Target breach the attackers siphoned 40 million credit and debit cards from Target's point-of-sale (POS) systems 70 million additional stolen information customers Seed4C [UGB April, 16th. 2013] 3
4 Heartbleed bug 900 social insurance numbers stolen from Canada Revenue Agency Mumsnet - which says it has 1.5 million registered members - said that it believed that the cyber thieves may have obtained passwords and personal messages before it patched its site. Seed4C [UGB April, 16th. 2013] 4
5 Bring better security in Cloud Seed4C [UGB April, 16th. 2013] 5
6 What is missing to bring cloud to better security? Securing isolated machine cannot be enough to address security of cloud / virtualized infrastructures. Virtualization is not security! M. Christodorescu, R. Sailer, D. L. Schales, D. Sgandurra, and D. Zamboni. Cloud security is not (just) virtualization security. In Proc. of the 2009 ACM workshop on Cloud computing security Seed4C [UGB April, 16th. 2013] 6
7 What is missing to bring cloud to better security? Securing isolated machine cannot be enough to address security of cloud / virtualized infrastructures. The challenge is not only to secure the software running on a single machine, but rather to manage and guarantee the security of a cluster of computers seen as a single entity. Also the centralized security servers will not be efficient A new type of approach is required taking into account the specific cloud architecture Seed4C [UGB April, 16th. 2013] 7
8 The Seed4C Project Seed4C [UGB April, 16th. 2013] 8
9 Seed4C Project members A Celtic+ Project Start date: Apr 2012 End date: Dec 2014 Members: 4 countries, 17 partners 3 core skills and experience Security technologies Infrastructures / Cloud Assurance Seed4C [UGB April, 16th. 2013] 9
10 A new vision of Cloud Security Seed4C [UGB April, 16th. 2013] 10
11 Main focus The value proposition of secure elements to protect software execution is not to be demonstrated Emergence of cloud computing has led to a growing number of use scenarios where one has to deal, not with a single machine, but rather a group of connected machines. The project will deal with the concept of Network of Secure Elements (NoSE) Seed4C [UGB April, 16th. 2013] 11
12 Secure Element Enhanced (SEE) SEE Definition Provides a Trusted Computing Base installed on a Cloud element (physical computer, Virtual Element, Rich Element, smartphone...) Is a set of trusted components, including hardware, firmware and/or software components Manages several kinds of security components to protect each Cloud level Supports user interactions to improve the security Provides feedback and evidence of the security Seed4C [UGB April, 16th. 2013] 12
13 SEE Architecture SEE with three kinds of security components (Network, MAC/ Formal, TE/SE) : improve the security of a Virtual / Rich Element Seed4C [UGB April, 16th. 2013] 13
14 Advantages of SEE Supports the flexibility and the agnostic nature of the Cloud Improves the security of existing technologies such as Trusted Element/ Secure Element : protection of the interfaces between the TE/SE and the VE/ RE (i.e. VM/OS) Improves the security of patrimonial systems (Windows, Unix,...) Provides an in-depth protection of Cloud environments (host/node, VMs, application, network,...) Versatile : SEE adjusts the security (crypto/protection) to the capabilities of the hosts/nodes Security assurance with or without a dedicated hardware Seed4C [UGB April, 16th. 2013] 14
15 State of the art Virtualization Xen/KVM do not protect the VMs : security into the VMs (Dom0, DomU) fails (e.g. demonstrated by the french security challenge) since the host is not secure any domu VM can make a escalation of privileges dom0 can be compromised from the host (even with signatures of all the resources) Security at the host level first All the industrial/research approaches (e.g. IBM, NSA svirt,...) satisfy this necessity Security between the VMs (properties between the VMs) Security extended to the over levels (in-depth protection) Security inside a VM (properties inside a VM) Security inside a software/service/application (properties inside an application e.g. a Java application) of a VM Seed4C [UGB April, 16th. 2013] 15
16 Network of Secure Elements NoSE are made of individuals secure elements attached to computers, User or network appliance and possibly pre-provisionned with initial secret keys (Seed) They can establish security association, communicate together to setup a trusted network of computers and propagate security conditions centrally defined to a group of machine The project will study the impact of NoSE upon the different layers of the architecture, from hardware to services in order to define how the trust can be propagated from the lower layers to the upper ones Seed4C [UGB April, 16th. 2013] 16
17 How to distribute Secure Elements in IaaS and provide added value to PaaS and SaaS? N 1 Seed4C [UGB April, 16th. 2013] 17
18 Secure load balancing and middleware N 2 Seed4C [UGB April, 16th. 2013] 18
19 Policies execution and assurance N 3 At an upper level, the definition and implementation of security and a c c e s s c o n t r o l, p r i va c y a n d identities policies involving secured elements will be specified, as well as the upper middleware. Assurance Services Policies Policy execution Protected execution Applications VM 1.1 SE 1 Hypervisor 1 Hardware 1 TPM1? Seed4C [UGB April, 16th. 2013] Server 1 19
20 Security- Aware Models for Clouds Sam4C Seed4C [UGB April, 16th. 2013] 20
21 Security Objectives of Cloud Applications Motivation [Sandhu'10]: Need to develop models, methodologies and architectures for decentralized dynamic management of security and assurance policies Contribution: Provide a Cloud application model and the associated security policy to design security- aware scheduling/provisioning algorithms (Decision Step). Long- term objective: Exploit security- aware models to provide automatic security deployment and configuration in Clouds (Distribution & Projection Step). Seed4C [UGB April, 16th. 2013] 21
22 Three- Step Management Workflow Decision: Input: Application model with security objectives Output: Mapping decisions Security rules Distribution: Input: Mapping + Security rules Output: Distributed sub- rules Projection: Input: A sub- rule Output: Security mechanism configuration Seed4C [UGB April, 16th. 2013] 22
23 Security- Aware Model Seed4C [UGB April, 16th. 2013] 23
24 Cloud Federation Management DIET Seed4C [UGB April, 16th. 2013] 24
25 Cloud Management with DIET RAISON D ÊTRE Corba Client Master Agent! MANAGE A FEDERATION MA MA OF CLOUDS MA MA MA How can we build a Local Agent middleware that makes it easy LA Server front end LA for the end user? LA Context: Development of a LA toolbox for deploying application services providers with a hierarchical architecture for scalability Validation: Large validation over Grid Interoperability: DIET is compliant with the Grid- RPC DIET use case: The Decrypthon project DIET was selected by IBM
26 Achievements on DIET Security enforcement Secured communications between: Agents, ServerDaemons and Clients Security metric study to improve the scheduling Cloud enforcement - Cloud support OpenStack support (with isolation) OpenStack vs OpenNebula comparison study Visualization enforcement VizDiet with security support Display in real- time DIET cartography Virtual Machines in cloud User- friendly
27 Achievements on Cloud Management with DIET Multi- Cloud Management Instantiation and destruction of VMs Modules to manage DIET services in Virtual Machines Building services Deployment of services in Virtual Machines Puppet Services running on demand Algorithms New Scheduler Simulations and Validation
28 Seed4C The Demonstrator Seed4C [UGB April, 16th. 2013] 28
29 WP5: Demonstrator
30 Achieved Work on WP5: The demonstrator T5.1 T5.2 Describe implementation of one (or several uses cases) to be demonstrated Deployment and execution of the demonstrator on the platform Objectives - Definition of the demonstrators - Implementation of the demonstrators - Deployment and execution of the demonstrators on the platform (supporting the whole SEED4C process) 30
31 Task 5.2: Deployment & execution of the demonstrator on the platform Seed4C Architecture T5.2.1 Sam4C T5.2.2 DIET T5.2.3 SPS T5.2.4 OpenStack Cloud Federation T5.2.5 SEE T5.2.6 NoSEE T5.2.7 Assurance Module
32 Task 5.2: Deployment & execution of the demonstrator on the platform T5.2.1 Sam4C Sam4C Modeler - Single Cloud - Direct connexion with SPS (RMI protocol) - Cloud Federation - Connexion through DIET Sam4C Modeler - Add contexts physical correspondance file (i.e context.conf) Sam4C Scheduler - Grid 5000 physical nodes templates - Integrate the templates into the placement algorithms - Sort SEE properties, that is decide which SEE a property belongs to (in order to send it later on). - Generate policy.conf and context.conf files. Sam4C Scheduler
33 Task 5.2: Deployment & execution of the demonstrator on the platform T5.2.2 DIET Security enforcement Secured communications between: Agents, ServerDaemons and Clients Security metric study to improve the scheduling Cloud enforcement - Cloud support OpenStack support (with isolation) OpenStack vs OpenNebula comparison study
34 Task 5.2: Deployment & execution of the demonstrator on the platform T5.2.4 OpenStack define Sam4C Model input ROOT Controller Seed4C API Extension Nova API Seed4C Scheduler Extension Nova Scheduler input output Local security Model Seed4C Infra model extends Nova DB Infrastructure model OpenStack Seed4C agent Extension Nova Compute VM Compute puppet agent
35 Task 5.2: Deployment & execution of the demonstrator on the platform T5.2.5 SPS CM P CM P Op urc es CMP: Cloud Management Platform SPS: Secure Provisioning and Scheduling Nim bus Re sou r ces SPS la SPS enn ebu Re so SPS Secure Provisioning and Scheduling (SPS) Get the necessary infrastructure information of Cloud (OpenStack) and send them to Sam4C- Scheduler, Deploy the application model with the security properties, Communicate with SEEs to configure them and return their information to Sam4C, Store and index SEE information in OpenStack database. DIET
36 Task 5.2: Deployment & execution of the demonstrator on the platform T5.2.5 SEE SEE = Java application (run as a service) One SEE is installed on each host and on each VM Start on boot (via an init script) SEE receives security properties from Sam4C SEE enforces security with SSM configuration Supported distributions: CentOS 6 64 bits, CentOS 7 64 bits Debian 32 bits PI 5 PI 4 SEE
37 Task 5.2: Deployment & execution of the demonstrator on the platform T5.2.5 SEE SSM Plugins Iptables Openvpn PAM SELinux SSH DPM SESM Oscap PI 4 PI 4 SEE
38 Task 5.2: Deployment & execution of the demonstrator on the platform T5.2.6 NoSEE NoSE DEMO SETUP User T1 User T Tenant1 AP1 Client Tenant2 AP2 Client Tenant Network router/switch Tenant Network(s) NoSE Admin Server1 NOSE ADMIN WEB SERVER Server TestAPP Server TestAPP SE1 HYPERVISOR SESM Master VM INTERNAL VLAN SE2 HYPERVISOR SESM VM2 INTERNAL VLAN SESM VM SE HYPERVISOR INTERNAL VLAN Nose Network router/switch NOSE Admin Web Client { } Internal Internal Internal vswitch vswitch vswitch Tenant ADMIN Web Client { } NoSE Network NoSE Admin Tenant(s) Admin
39 Task 5.2: Deployment & execution of the demonstrator on the platform T5.2.7 Assurance Module Assurance Monitoring AMT AVT AAE MA VM1 SEE ACE VM2 SEE ACE B M B M Measurement Framework
40 Task 5.2: Deployment & execution of the demonstrator on the platform Seed4C Demonstrator Scenario Interface 1: Send Application model Interface 2: Get infra/image information Interface 3: Create image; Launch VMs Interface 4: Register SEE Interface 5: Configure SEE RI 2 Sam4C Modeler RI 1 PI 1 Sam4C Scheduler RI 3 PI 2 PI 3 SPS Legend: Required interface Provided interface RI 5 PI 5 SEE RI 4 PI 4
41 Task 5.2: Deployment & execution of the demonstrator on the platform Seed4C Cloud Federation Architecture
42 WP5: Demonstrator Achieved work summary OpenStack Seed4C version git clone Seed4C_Demonstrator.git Seed4C_Demonstrator SEE code git clone Sam4C code Sam4C is available on Inria Forge DIET code Available on the DIET website (or debian package) DIET 2.9 (Seed4C release) in march 2015 SESM code SESM Master, SESM Slaves, NOSEAdministation / TenantAdministration APP And SESM STUB Stored accordingly in internals Configuration Management repositories (Gemalto) 5 videos from demos are available
43 User WP5: Demonstrator Achieved work summary Sam4C Modeling Mapping Split Engine Application model User Infrastructure model SPS OpenStack Cloud Manager ( DIET ) Cloud Infrastructure ( OpenStack ) User Sam4C Scheduler Middleware VM VM VM VM Application Application Application SEE Application Application Application SEE Application Application Application SEE Application Application Application SEE SE SE SSM SSM SE SE SSM SSM SE SE SSM SSM SE SE SSM SSM SSM SSM Seed4C Hypervisor SSM SSM Seed4C Hypervisor SEE SE SE Hardware SEE SE SE Hardware Host 1 Host 2 Network of Secure Elements (NoSE ) and Network of Secure Element Extended (NoSEE) NoSE Admin
44 Seed4C The Movies! And now 44
Seed4C: A Cloud Security Infrastructure validated on Grid 5000
Seed4C: A Cloud Security Infrastructure validated on Grid 5000 E. Caron 1, A. Lefray 1, B. Marquet 2, and J. Rouzaud-Cornabas 1 1 Université de Lyon. LIP Laboratory. UMR CNRS - ENS Lyon - INRIA - UCBL
More informationSeed4C: A High-security project for Cloud Infrastructure
Seed4C: A High-security project for Cloud Infrastructure J. Rouzaud-Cornabas (LIP/CC-IN2P3 CNRS) & E. Caron (LIP ENS-Lyon) November 30, 2012 J. Rouzaud-Cornabas (LIP/CC-IN2P3 CNRS) & E. Seed4C: Caron (LIP
More informationCLOUD COMPUTING. When It's smarter to rent than to buy
CLOUD COMPUTING When It's smarter to rent than to buy Is it new concept? Nothing new In 1990 s, WWW itself Grid Technologies- Scientific applications Online banking websites More convenience Not to visit
More informationSTeP-IN SUMMIT 2013. June 18 21, 2013 at Bangalore, INDIA. Performance Testing of an IAAS Cloud Software (A CloudStack Use Case)
10 th International Conference on Software Testing June 18 21, 2013 at Bangalore, INDIA by Sowmya Krishnan, Senior Software QA Engineer, Citrix Copyright: STeP-IN Forum and Quality Solutions for Information
More information2) Xen Hypervisor 3) UEC
5. Implementation Implementation of the trust model requires first preparing a test bed. It is a cloud computing environment that is required as the first step towards the implementation. Various tools
More informationDIET A Scalable Platform for Clusters, Grids and Clouds
DIET A Scalable Platform for Clusters, Grids and Clouds Eddy Caron, Frédéric Desprez INRIA LIP ENS Lyon Avalon Research Team Benjamin Depardon SysFera Joint work with A. Muresan, J. Rouzaud-Cornabas (LIP
More informationConfiguring and Managing a Private Cloud with Enterprise Manager 12c
Configuring and Managing a Private Cloud with Enterprise Manager 12c IOUG Online Education Series 12:00pm - 1:00pm CT, June 26, 2012, Kai Yu Oracle Solutions Engineering Lab Enterprise Solutions Engineering,
More informationLecture 02b Cloud Computing II
Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,
More informationDevOps Course Content
DevOps Course Content INTRODUCTION TO DEVOPS What is DevOps? History of DevOps Dev and Ops DevOps definitions DevOps and Software Development Life Cycle DevOps main objectives Infrastructure As A Code
More informationAn Autonomic Cloud Management System for Enforcing Security and Assurance Properties
An Autonomic Cloud Management System for Enforcing Security and Assurance Properties CLHS 15 Laurent Bobelin, Aline Bousquet, Jérémy Briffaut Laboratoire d Informatique, Tours, France INSA Centre Val de
More informationovirt self-hosted engine seamless deployment
ovirt self-hosted engine seamless deployment Simone Tiraboschi Software Engineer Red Hat Agenda ovirt Hosted Engine Current - 3.5 - HE deploy flow Enabling technologies New - 3.6 - deploy flow Comparison
More informationIaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures
IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Introduction
More informationMobile Cloud Computing T-110.5121 Open Source IaaS
Mobile Cloud Computing T-110.5121 Open Source IaaS Tommi Mäkelä, Otaniemi Evolution Mainframe Centralized computation and storage, thin clients Dedicated hardware, software, experienced staff High capital
More informationS E E D 4 C. ecure mbedded lements & ata protection the loud. By : Jean-Marc Lambert, Cloud Computing R&D, Gemalto http://www.celticplus-seed4c.
S E E D 4 C ecure mbedded lements & ata protection the loud By : Jean-Marc Lambert, Cloud Computing R&D, Gemalto http://www.celticplus-seed4c.org/ Context Security of the Cloud is still an roadblock to
More informationUsing SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP
Using SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP Agenda ADP Cloud Vision and Requirements Introduction to SUSE Cloud Overview Whats New VMWare intergration HyperV intergration ADP
More informationInfrastructure as a Service (IaaS)
Infrastructure as a Service (IaaS) (ENCS 691K Chapter 4) Roch Glitho, PhD Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ References 1. R. Moreno et al.,
More informationIntroduction to Cloud Computing
Introduction to Cloud Computing Shang Juh Kao Dept. of Computer Science and Engineering National Chung Hsing University 2011/10/27 CSE, NCHU 1 Table of Contents 1. Introduction ( 資 料 取 自 NCHC 自 由 軟 體 實
More informationPES. High Availability Load Balancing in the Agile Infrastructure. Platform & Engineering Services. HEPiX Bologna, April 2013
PES Platform & Engineering Services High Availability Load Balancing in the Agile Infrastructure HEPiX Bologna, April 2013 Vaggelis Atlidakis, -PES/PS Ignacio Reguero, -PES/PS PES Outline Core Concepts
More informationCloud Computing for Control Systems CERN Openlab Summer Student Program 9/9/2011 ARSALAAN AHMED SHAIKH
Cloud Computing for Control Systems CERN Openlab Summer Student Program 9/9/2011 ARSALAAN AHMED SHAIKH CONTENTS Introduction... 4 System Components... 4 OpenNebula Cloud Management Toolkit... 4 VMware
More informationAn Alternative to the VMware Tax...
An Alternative to the VMware Tax... John Tietjen Senior Solutions Architect Red Hat November 19, 2014 This presentation created for: AGENDA Red Hat Overview Red Hat Enterprise Virtualization: An alternative
More informationMirantis OpenStack Express: Security White Paper
Mirantis OpenStack Express: Security White Paper Version 1.0 2005 2014 All Rights Reserved www.mirantis.com 1 Introduction While the vast majority IT professionals are now familiar with the cost-saving
More informationCloud Storage in a PaaS World
Cloud Storage in a PaaS World Susan Wu Oracle Group Manager, Product Management Cloud Storage runs Apps Just like a Platform runs Applications, there are many Applications that need to run in Cloud Storage
More informationHAWAII TECH TALK SDN. Paul Deakin Field Systems Engineer
HAWAII TECH TALK SDN Paul Deakin Field Systems Engineer SDN What Is It? SDN stand for Software Defined Networking SDN is a fancy term for: Using a controller to tell switches where to send packets SDN
More informationHow Bigtop Leveraged Docker for Build Automation and One-Click Hadoop Provisioning
How Bigtop Leveraged Docker for Build Automation and One-Click Hadoop Provisioning Evans Ye Apache Big Data 2015 Budapest Who am I Apache Bigtop PMC member Software Engineer at Trend Micro Develop Big
More informationThis presentation provides an overview of the architecture of the IBM Workload Deployer product.
This presentation provides an overview of the architecture of the IBM Workload Deployer product. Page 1 of 17 This presentation starts with an overview of the appliance components and then provides more
More informationNetworks and Services
Networks and Services Dr. Mohamed Abdelwahab Saleh IET-Networks, GUC Fall 2015 TOC 1 Infrastructure as a Service 2 Platform as a Service 3 Software as a Service Infrastructure as a Service Definition Infrastructure
More informationNessus or Metasploit: Security Assessment of OpenStack Cloud
Nessus or Metasploit: Security Assessment of OpenStack Cloud Aleksandar Donevski, Sasko Ristov and Marjan Gusev Ss. Cyril and Methodius University, Faculty of Information Sciences and Computer Engineering,
More informationVIRTUALIZATION INTROSPECTION SYSTEM ON KVM-BASED CLOUD COMPUTING PLATFORMS. 100356010@nccu.edu.tw Advisor: yuf@nccu.edu.tw Software Security Lab.
VIRTUALIZATION INTROSPECTION SYSTEM ON KVM-BASED CLOUD COMPUTING PLATFORMS 100356010@nccu.edu.tw Advisor: yuf@nccu.edu.tw Software Security Lab. Motivation The era of cloud computing Motivation In the
More informationCLEVER: a CLoud-Enabled Virtual EnviRonment
CLEVER: a CLoud-Enabled Virtual EnviRonment Francesco Tusa Maurizio Paone Massimo Villari Antonio Puliafito {ftusa,mpaone,mvillari,apuliafito}@unime.it Università degli Studi di Messina, Dipartimento di
More informationIntel Service Assurance Administrator. Product Overview
Intel Service Assurance Administrator Product Overview Running Enterprise Workloads in the Cloud Enterprise IT wants to Start a private cloud initiative to service internal enterprise customers Find an
More informationIntel IT Cloud Extending OpenStack* IaaS with Cloud Foundry* PaaS
Intel IT Cloud Extending OpenStack* IaaS with Cloud Foundry* PaaS Speaker: Catherine Spence, IT Principal Engineer, Cloud Computing Acknowledgements: Aaron Huber, Jon Price November 2014 Legal Notices
More informationOpenStack/Quantum SDNbased network virtulization with Ryu
OpenStack/Quantum SDNbased network virtulization with Ryu Kei Ohmura NTT May 31, 2013 Outline Introduction to Ryu OpenStack Quantum and Ryu Demo Summary 2 What is Ryu 流流 (ryu) means flow 龍龍 (ryu) means
More informationHow To Make A Vpc More Secure With A Cloud Network Overlay (Network) On A Vlan) On An Openstack Vlan On A Server On A Network On A 2D (Vlan) (Vpn) On Your Vlan
Centec s SDN Switch Built from the Ground Up to Deliver an Optimal Virtual Private Cloud Table of Contents Virtualization Fueling New Possibilities Virtual Private Cloud Offerings... 2 Current Approaches
More informationVirtualization, SDN and NFV
Virtualization, SDN and NFV HOW DO THEY FIT TOGETHER? Traditional networks lack the flexibility to keep pace with dynamic computing and storage needs of today s data centers. In order to implement changes,
More informationIaaS Federation. Contrail project. IaaS Federation! Objectives and Challenges! & SLA management in Federations 5/23/11
Cloud Computing (IV) s and SPD Course 19-20/05/2011 Massimo Coppola IaaS! Objectives and Challenges! & management in s Adapted from two presentations! by Massimo Coppola (CNR) and Lorenzo Blasi (HP) Italy)!
More informationSUSE OpenStack Cloud 4 Private Cloud Platform based on OpenStack. Gábor Nyers Sales Engineer @SUSE gnyers@suse.com
SUSE OpenStack Cloud 4 Private Cloud Platform based on OpenStack Gábor Nyers Sales Engineer @SUSE gnyers@suse.com Introductory video ChalkTalk: SUSE OpenStack Cloud 2 Stetting the Stage for SUSE OpenStack
More informationVirtual Machine Management with OpenNebula in the RESERVOIR project
CISCO Cloud Computing Research Symposium (C 3 RS) November 5 & 6, 2008 San Jose, CA Virtual Machine Management with OpenNebula in the RESERVOIR project Ruben Santiago Montero Distributed Systems Architecture
More information2013 ovh.com. All rights reserved
Abstract During this session, the user will learn how to optimize security, rights, network layers to build Private, Hybrid & Public Cloud range of services based on a same infrastructure using VMware
More informationLinux/Open Source and Cloud computing Wim Coekaerts Senior Vice President, Linux and Virtualization Engineering
Linux/Open Source and Cloud computing Wim Coekaerts Senior Vice President, Linux and Virtualization Engineering NIST Definition of Cloud Computing Cloud computing is a model for enabling convenient, on-demand
More informationCloud on TEIN Part I: OpenStack Cloud Deployment. Vasinee Siripoonya Electronic Government Agency of Thailand Kasidit Chanchio Thammasat University
Cloud on TEIN Part I: OpenStack Cloud Deployment Vasinee Siripoonya Electronic Government Agency of Thailand Kasidit Chanchio Thammasat University Outline Objectives Part I: OpenStack Overview How OpenStack
More informationCloud services in PL-Grid and EGI Infrastructures
1 Cloud services in PL-Grid and EGI Infrastructures J. Meizner, M. Radecki, M. Pawlik, T. Szepieniec ACK Cyfronet AGH Cracow Grid Workshop 2012, Kraków, 22.10.2012 Overview 2 Different types of Compute
More informationMarco Mantegazza WebSphere Client Technical Professional Team IBM Software Group. Virtualization and Cloud
Marco Mantegazza WebSphere Client Technical Professional Team IBM Software Group Virtualization and Cloud Agenda Cloud Computing: Introduction How to build private Cloud with WebSphere WebSphere Virtual
More informationOpenNebula Open Souce Solution for DC Virtualization. C12G Labs. Online Webinar
OpenNebula Open Souce Solution for DC Virtualization C12G Labs Online Webinar What is OpenNebula? Multi-tenancy, Elasticity and Automatic Provision on Virtualized Environments I m using virtualization/cloud,
More informationWebLogic on Oracle Database Appliance: Combining High Availability and Simplicity
WebLogic on Oracle Database Appliance: Combining High Availability and Simplicity Frances Zhao-Perez Alexandra Huff Oracle CAF Product Management Simon Haslam Technical Director O-box Safe Harbor Statement
More informationArchitecture des plates-formes IaaS Etat des lieux et perspectives
Architecture des plates-formes IaaS Etat des lieux et perspectives Frédéric Dang Tran Orange Labs Joint CompatibleOne and OSCi workshop, 7 June 2011 1 Outline > Scope and objectives > User-facing API and
More informationOracle Virtualization Strategy and Roadmap
Oracle Virtualization Strategy and Roadmap Wim Coekaerts, Senior Vice President, Engineering, Linux and Virtualization, Oracle September 29, 2014 Agenda 1 2 3 4 5 IT Transformation Oracle Virtualization
More informationIsaku Yamahata isaku.yamahata@intel.com CloudOpen Japan May 22, 2014
OpenStack approach to SDN by way of NFV Advanced Network Service Framework Isaku Yamahata isaku.yamahata@intel.com CloudOpen Japan May 22, 2014 Legal Disclaimers Copyright 2014 Intel Corporation. All rights
More informationGetting Started Hacking on OpenNebula
LinuxTag 2013 Berlin, Germany, May 22nd Getting Started Hacking on OpenNebula Carlos Martín Project Engineer Acknowledgments The research leading to these results has received funding from Comunidad de
More informationCernVM Online and Cloud Gateway a uniform interface for CernVM contextualization and deployment
CernVM Online and Cloud Gateway a uniform interface for CernVM contextualization and deployment George Lestaris - Ioannis Charalampidis D. Berzano, J. Blomer, P. Buncic, G. Ganis and R. Meusel PH-SFT /
More informationOpenNebula Cloud Platform for Data Center Virtualization
OSDC 2013 Nüremberg, Germany 17-18 April, 2013 OpenNebula Cloud Platform for Data Center Virtualization Constantino Vázquez Blanco OpenNebula Project Engineer @tinova79 OpenNebula Project. Creative Commons
More informationIntroduction to OpenStack
Introduction to OpenStack Carlo Vallati PostDoc Reseracher Dpt. Information Engineering University of Pisa carlo.vallati@iet.unipi.it Cloud Computing - Definition Cloud Computing is a term coined to refer
More informationOpenNebula An Innovative Open Source Toolkit for Building Cloud Solutions
Cloud Computing and its Applications 20th October 2009 OpenNebula An Innovative Open Source Toolkit for Building Cloud Solutions Distributed Systems Architecture Research Group Universidad Complutense
More informationSecurity Management of Cloud-Native Applications. Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM)
Security Management of Cloud-Native Applications Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM) 1 Outline Context State-of-the-Art Design Patterns Threats to cloud systems Security
More informationSolution for private cloud computing
The CC1 system Solution for private cloud computing 1 Outline What is CC1? Features Technical details Use cases By scientist By HEP experiment System requirements and installation How to get it? 2 What
More informationCloud on TIEN Part I: OpenStack Cloud Deployment. Vasinee Siripoonya Electronic Government Agency of Thailand Kasidit Chanchio Thammasat
Cloud on TIEN Part I: OpenStack Cloud Deployment Vasinee Siripoonya Electronic Government Agency of Thailand Kasidit Chanchio Thammasat Outline Part I: OpenStack Overview How OpenStack components work
More informationSUSE Cloud 2.0. Pete Chadwick. Douglas Jarvis. Senior Product Manager pchadwick@suse.com. Product Marketing Manager djarvis@suse.
SUSE Cloud 2.0 Pete Chadwick Douglas Jarvis Senior Product Manager pchadwick@suse.com Product Marketing Manager djarvis@suse.com SUSE Cloud SUSE Cloud is an open source software solution based on OpenStack
More informationvcloud Suite Architecture Overview and Use Cases
vcloud Suite Architecture Overview and Use Cases vcloud Suite 5.8 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationSistemi Operativi e Reti. Cloud Computing
1 Sistemi Operativi e Reti Cloud Computing Facoltà di Scienze Matematiche Fisiche e Naturali Corso di Laurea Magistrale in Informatica Osvaldo Gervasi ogervasi@computer.org 2 Introduction Technologies
More informationCyber Incident Response
Secure Information Sharing for Cyber Response Teams Cyber Incident Response Models and Platforms for Information and Resource Sharing UTSA Team Ram Krishnan, Assistant Professor (ECE) Ravi Sandhu, Professor
More informationAppendix to; Assessing Systemic Risk to Cloud Computing Technology as Complex Interconnected Systems of Systems
Appendix to; Assessing Systemic Risk to Cloud Computing Technology as Complex Interconnected Systems of Systems Yacov Y. Haimes and Barry M. Horowitz Zhenyu Guo, Eva Andrijcic, and Joshua Bogdanor Center
More informationIPOP-TinCan: User-defined IP-over-P2P Virtual Private Networks
IPOP-TinCan: User-defined IP-over-P2P Virtual Private Networks Renato Figueiredo Advanced Computing and Information Systems Lab University of Florida ipop-project.org Unit 3: Intra-cloud Virtual Networks
More informationA Gentle Introduction to Cloud Computing
A Gentle Introduction to Cloud Computing Source: Wikipedia Platform Computing, Inc. Platform Clusters, Grids, Clouds, Whatever Computing The leader in managing large scale shared environments o 18 years
More informationInfrastructure as a Service
Infrastructure as a Service Jose Castro Leon CERN IT/OIS Cloud Computing On-Demand Self-Service Scalability and Efficiency Resource Pooling Rapid elasticity 2 Infrastructure as a Service Objectives 90%
More informationAutomated deployment of virtualization-based research models of distributed computer systems
Automated deployment of virtualization-based research models of distributed computer systems Andrey Zenzinov Mechanics and mathematics department, Moscow State University Institute of mechanics, Moscow
More informationCloud Essentials for Architects using OpenStack
Cloud Essentials for Architects using OpenStack Course Overview Start Date 18th December 2014 Duration 2 Days Location Dublin Course Code SS906 Programme Overview Cloud Computing is gaining increasing
More informationDeployment of Private, Hybrid & Public Clouds with OpenNebula
EL / LAK (FOSS) 2010 May 14th, 2010 Deployment of Private, Hybrid & Public Clouds with OpenNebula University Complutense of Madrid The Anatomy of an IaaS Cloud Deployment of Private, Hybrid & Public Clouds
More informationHow to Secure Infrastructure Clouds with Trusted Computing Technologies
How to Secure Infrastructure Clouds with Trusted Computing Technologies Nicolae Paladi Swedish Institute of Computer Science 2 Contents 1. Infrastructure-as-a-Service 2. Security challenges of IaaS 3.
More informationExperiences and challenges in the development of the JASMIN cloud service for the environmental science community
JASMIN (STFC/Stephen Kill) Experiences and challenges in the development of the JASMIN cloud service for the environmental science community ECMWF Visualisa-on in Meteorology Week, 28 September 2015 Philip
More informationSURFsara HPC Cloud Workshop
SURFsara HPC Cloud Workshop doc.hpccloud.surfsara.nl UvA workshop 2016-01-25 UvA HPC Course Jan 2016 Anatoli Danezi, Markus van Dijk cloud-support@surfsara.nl Agenda Introduction and Overview (current
More informationSimGrid Cloud Broker: Simulation of Public and Private Clouds
SimGrid Cloud Broker: Simulation of Public and Private Clouds Jonathan Rouzaud-Cornabas CNRS CC-IN2P3 / LIP (UMR 5668) J. Rouzaud-Cornabas (CNRS) SimGrid Cloud Broker 1 / 2 SimGrid Cloud Broker SimGrid
More informationCode-to-Cloud with OpenNebula & Megam Varadarajan Narayanan Kishore Kumar Neelamegam Thomas Alrin Raj Thilak
Code-to-Cloud with OpenNebula & Megam Varadarajan Narayanan Kishore Kumar Neelamegam Thomas Alrin Raj Thilak Megam Systems Ottawa, Canada The Cloud system Cloud Journey Moving to cloud Migration of development
More informationPrivate Cloud Database Consolidation with Exadata. Nitin Vengurlekar Technical Director/Cloud Evangelist
Private Cloud Database Consolidation with Exadata Nitin Vengurlekar Technical Director/Cloud Evangelist Agenda Private Cloud vs. Public Cloud Business Drivers for Private Cloud Database Architectures for
More informationCLOUD COMPUTING & WINDOWS AZURE
CLOUD COMPUTING & WINDOWS AZURE WORKSHOP Overview This workshop is an introduction to cloud computing and specifically Microsoft s public cloud offering in Windows Azure. Windows Azure has been described
More informationCloud Federations in Contrail
Cloud Federations in Contrail Emanuele Carlini 1,3, Massimo Coppola 1, Patrizio Dazzi 1, Laura Ricci 1,2, GiacomoRighetti 1,2 " 1 - CNR - ISTI, Pisa, Italy" 2 - University of Pisa, C.S. Dept" 3 - IMT Lucca,
More informationProviding Flexible Security as a Service Model for Cloud Infrastructure
Providing Flexible Security as a Service Model for Cloud Infrastructure Dr. M. Newlin Rajkumar, P. Banu Priya, Dr. V. Venkatesakumar Abstract Security-as-a-Service model for cloud systems enable application
More informationThe OpenNebula Cloud Platform for Data Center Virtualization
CloudOpen 2012 San Diego, USA, August 29th, 2012 The OpenNebula Cloud Platform for Data Center Virtualization Carlos Martín Project Engineer Acknowledgments The research leading to these results has received
More informationT-110.5121 Mobile Cloud Computing Private Cloud & Assignment 2 19.10.2011
T-110.5121 Mobile Cloud Computing Private Cloud & Assignment 2 19.10.2011 Yrjö Raivio, Koushik Annapureddy, Ramasivakarthik Mallavarapu Aalto University, School of Science Department of Computer Science
More informationGPFS-OpenStack Integration. Dinesh Subhraveti IBM Research
GPFS-OpenStack Integration Dinesh Subhraveti IBM Research GPFS File Placement Optimization Tradi5onal shared architecture Shared nothing architecture SAN I/O bo*leneck Scale out performance GPFS cluster
More informationOpenNebula Open Souce Solution for DC Virtualization
OSDC 2012 25 th April, Nürnberg OpenNebula Open Souce Solution for DC Virtualization Constantino Vázquez Blanco OpenNebula.org What is OpenNebula? Multi-tenancy, Elasticity and Automatic Provision on Virtualized
More informationOpen Source Virtualization with ovirt. DI (FH) René Koch Systems Engineer Siedl Networks GmbH Grazer Linuxtage, 25.04.2015
Open Source Virtualization with ovirt DI (FH) René Koch Systems Engineer Siedl Networks GmbH Grazer Linuxtage, 25.04.2015 Agenda What is ovirt? Architecture and Components New Features in ovirt 3.5 Planned
More informationCompatibleOne Open Source Cloud Broker Architecture Overview
CompatibleOne Open Source Cloud Broker Architecture Overview WHITE PAPER October 2012 Table of Contents Abstract 2 Background 2 Disclaimer 2 Introduction 2 Section A: CompatibleOne: Open Standards and
More informationThird Party Cloud Services Its Adoption in the New Age
Solutions for higher performance! Third Party Cloud Services Its Adoption in the New Age 1 Introduction Cloud computing is the delivery of computing services over the Internet. Cloud services allow individuals
More informationRelease of Cloud-like Management of Grid Services and Resources 2.0 Beta
Enhancing Grid Infrastructures with Virtualization and Cloud Technologies Release of Cloud-like Management of Grid Services and Resources 2.0 Beta Milestone MS15 (V1.2) 16 March 2012 Abstract StratusLab
More informationSecurity Aspects of Cloud Computing
Security Aspects of Cloud Computing Kunal Chadha Scholar, CSE Department University of Southern California, USA Anvita Bajpai X-Scholar, CSE Department Marist College, NY, USA ABSTRACT Cloud Computing
More informationThis presentation covers virtual application shared services supplied with IBM Workload Deployer version 3.1.
This presentation covers virtual application shared services supplied with IBM Workload Deployer version 3.1. WD31_VirtualApplicationSharedServices.ppt Page 1 of 29 This presentation covers the shared
More informationHadoop on OpenStack Cloud. Dmitry Mescheryakov Software Engineer, @MirantisIT
Hadoop on OpenStack Cloud Dmitry Mescheryakov Software Engineer, @MirantisIT Agenda OpenStack Sahara Demo Hadoop Performance on Cloud Conclusion OpenStack Open source cloud computing platform 17,209 commits
More informationQuantum Hyper- V plugin
Quantum Hyper- V plugin Project blueprint Author: Alessandro Pilotti Version: 1.0 Date: 01/10/2012 Hyper-V reintroduction in OpenStack with the Folsom release was primarily focused
More informationSecure Attack Measure Selection and Intrusion Detection in Virtual Cloud Networks. Karnataka. www.ijreat.org
Secure Attack Measure Selection and Intrusion Detection in Virtual Cloud Networks Kruthika S G 1, VenkataRavana Nayak 2, Sunanda Allur 3 1, 2, 3 Department of Computer Science, Visvesvaraya Technological
More informationIntegration in the cloud - IPaaS with Fuse technology. Charles Moulliard Apache Committer
Integration in the cloud - IPaaS with Fuse technology Charles Moulliard Apache Committer Agenda Introduction & Key concepts What is ipaas? Fuse Fabric & Fuse Mngt Console jclouds & Apache CloudStack Demo
More informationElastic Management of Cluster based Services in the Cloud
First Workshop on Automated Control for Datacenters and Clouds (ACDC09) June 19th, Barcelona, Spain Elastic Management of Cluster based Services in the Cloud Rafael Moreno Vozmediano, Ruben S. Montero,
More informationXen @ Google. Iustin Pop, <iustin@google.com> Google Switzerland. Sponsored by:
Xen @ Google Iustin Pop, Google Switzerland Sponsored by: & & Introduction Talk overview Corporate infrastructure Overview Use cases Technology Open source components Internal components
More informationComparing Ganeti to other Private Cloud Platforms. Lance Albertson Director lance@osuosl.org @ramereth
Comparing Ganeti to other Private Cloud Platforms Lance Albertson Director lance@osuosl.org @ramereth About me OSU Open Source Lab Server hosting for Open Source Projects Open Source development projects
More informationHow To Install Eucalyptus (Cont'D) On A Cloud) On An Ubuntu Or Linux (Contd) Or A Windows 7 (Cont') (Cont'T) (Bsd) (Dll) (Amd)
Installing Eucalyptus Past, Present, and Future Eucalyptus Overview Most widely deployed software platform for on-premise IaaS clouds 25,000+ cloud starts as of mid 2011 AWS-compatible, enterprise-deployed
More informationVirtual Machine Instance Scheduling in IaaS Clouds
Virtual Machine Instance Scheduling in IaaS Clouds Naylor G. Bachiega, Henrique P. Martins, Roberta Spolon, Marcos A. Cavenaghi Departamento de Ciência da Computação UNESP - Univ Estadual Paulista Bauru,
More informationSecure Private Cloud Architecture for Mobile Infrastructure as a Service
2012 IEEE Eighth World Congress on Services Secure Private Cloud Architecture for Mobile Infrastructure as a Service Susmita Horrow Department of mathematics IIT Roorkee, India hsusmita4@gmail.com Sanchika
More information1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7
1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7 Oracle Virtual Machine Server pre x86 Marián Kuna Technology Sales
More informationBuilding Multi-Site & Ultra-Large Scale Cloud with Openstack Cascading
Building Multi-Site & Ultra-Large Scale Cloud with Openstack Cascading Requirement and driving forces multi-site cloud Along with the increasing popularity and wide adoption of Openstack as the de facto
More informationIntroduction to Cloud Computing
Introduction to Cloud Computing Cloud Computing I (intro) 15 319, spring 2010 2 nd Lecture, Jan 14 th Majd F. Sakr Lecture Motivation General overview on cloud computing What is cloud computing Services
More informationOGF25/EGEE User Forum Catania, Italy 2 March 2009
OGF25/EGEE User Forum Catania, Italy 2 March 2009 Constantino Vázquez Blanco Javier Fontán Muiños Raúl Sampedro Distributed Systems Architecture Research Group Universidad Complutense de Madrid 1/31 Outline
More informationIBM 000-281 EXAM QUESTIONS & ANSWERS
IBM 000-281 EXAM QUESTIONS & ANSWERS Number: 000-281 Passing Score: 800 Time Limit: 120 min File Version: 58.8 http://www.gratisexam.com/ IBM 000-281 EXAM QUESTIONS & ANSWERS Exam Name: Foundations of
More information