How to Secure Infrastructure Clouds with Trusted Computing Technologies
|
|
- Brett Miles
- 8 years ago
- Views:
Transcription
1 How to Secure Infrastructure Clouds with Trusted Computing Technologies Nicolae Paladi Swedish Institute of Computer Science
2 2 Contents 1. Infrastructure-as-a-Service 2. Security challenges of IaaS 3. Trusted Computing and TPM 4. Trusted VM launch 5. InfraCloud 6. Future work
3 3 Infrastructure-as-a-Service A 'cloud computing' service model (NIST:2011): Provision processing, storage, networks. Deploy and run arbitrary software. No control over underlying cloud infrastructure. Control over OS, storage, deployed applications. Limited control of select networking components.
4 Infrastructure-as-a-Service architectural overview 4 OpenStack architectural overview
5 Infrastructure-as-a-Service security issues : Vulnerabilities in the AWS management console (XSS and XML wrapping attacks) OpenStack architectural overview
6 Infrastructure-as-a-Service security issues : Vulnerabilities in the AWS management console (XSS and XML wrapping attacks) 2012: Cross-VM Side Channels can be used to extract private keys. OpenStack architectural overview
7 Infrastructure-as-a-Service security issues : Vulnerabilities in the AWS management console (XSS and XML wrapping attacks) 2012: Cross-VM Side Channels can be used to extract private keys 2012: Rackspace s dirty disks OpenStack architectural overview
8 Can we help it? 8
9 9 Introducing the TPM Trusted platform module v1.2 as specified by TCG. v2.0 is currently under review. Tamper-evident. 16+ PCRs for volatile storage. Four operations: Signing / Binding / Sealing / Sealed-sign.
10 10 Introducing the TPM: output Produces integrity measurements of the firmware at boot time. Can produce integrity measurements of the loaded kernel modules (sample below).
11 11 Introducing the TPM: usage Microsoft BitLocker Google Chromium OS Citrix XenServer Oracle s X- and T-Series Systems HP ProtectTools Others
12 12 Securing IaaS environments with trusted computing Virtualization security. Storage protection in IaaS environments. Computing security in IaaS environments. Remote host software integrity attestation. Runtime host software integrity attestation. Encryption key management in IaaS environments.
13 Computing security in IaaS environments: Problem Setting Consumer is able to deploy and run arbitrary software, which can include operating systems and applications. 13 Client can launch VMs for sensitive computations. Trusted VM launch the correct VM is launched in a IaaS platform on a host with a known software stack verified to not have been modified by malicious actors. IaaS security with trusted computing. How do we ensure a trusted VM launch in an untrusted IaaS environment?
14 14 Attack scenario 1 Scheduler (S) Remote attacker (A r ) A r could schedule the VM instance to be launched on a compromised host Trusted Compute Host (CH) Compute Host (CH) Client (C) Hardware Hardware Hardware
15 15 Attack scenario 2 Scheduler (S) Remote attacker (A r ) Client (C) A r could compromise the VM image prior to launch Trusted Compute Host (CH) Hardware Compute Host (CH) Hardware Compute Host (CH) Hardware
16 16 Trusted VM launch protocol Ensure VM image launched on a trusted host. Ensure communication with VM launched on a trusted CH rather than a random VM. Compute host to verify the integrity VM image to be launched. Minimum implementation footprint on the IaaS codebase. Transparent view of the secure launch procedures.
17 Protocol: birds-eye view 3. (S) CH CH CH Client (C) HW HW HW + TPM
18 18 Prototype implementation OpenStack cluster deployed on 3 nodes (TPM-equipped) Code extensions: Changes OpenStack launch procedure. Implementation of an OpenStack TPM communication glue. Implementation of a TTP (interpretation of attestation info) Implementation of client-side functionality (token generation, trusted launch verification).
19 19 Securing IaaS with InfraCloud: The project Ongoing project in collaboration between Region Skåne, Ericsson Research and SICS. Aim: proof of concept design and deployment of one of the region s medical journaling systems in a hardened and trustworthy IaaS environment. Prototype implementation based on earlier research, as well as solutions to newly identified challenges.
20 20 Securing IaaS with InfraCloud: The challenges Numerous new research challenges have been identified already in the early stages of the project: Storage protection in untrusted IaaS environments. Verification and protection of a deployment s network configuration. Runtime VM instance protection (prevent memory dumping, cloning). Secure key handling mechanisms in untrusted IaaS deployments. Update and patch deployment on guest VM instances. Interpretation of TPM attestation data.
21 21 Conclusion Out-of-the-box public IaaS probably not acceptable for most organizations handling sensitive data. A comprehensive solution for data protection in public IaaS environments has not been found yet. SICS Secure Systems lab works with various aspects of guest protection in untrusted IaaS. Trusted Computing Technologies allow to address some of the issues with IaaS security. Participation in the InfraCloud project and practical application of protocols reveal multiple new research challenges.
How To Create A Trusted Cloud Computing Platform
Trusted Computing and Secure Virtualization in Cloud Computing Master Thesis Nicolae Paladi Luleå University of Technology Dept. of Computer Science, Electrical and Space Engineering Div. of Computer and
More informationTechnical Brief Distributed Trusted Computing
Technical Brief Distributed Trusted Computing Josh Wood Look inside to learn about Distributed Trusted Computing in Tectonic Enterprise, an industry-first set of technologies that cryptographically verify,
More informationSoftware Execution Protection in the Cloud
Software Execution Protection in the Cloud Miguel Correia 1st European Workshop on Dependable Cloud Computing Sibiu, Romania, May 8 th 2012 Motivation clouds fail 2 1 Motivation accidental arbitrary faults
More informationSecure Data Management in Trusted Computing
1 Secure Data Management in Trusted Computing Ulrich Kühn Deutsche Telekom Laboratories, TU Berlin Klaus Kursawe (KU Leuven) Stefan Lucks (U Mannheim) Ahmad-Reza Sadeghi (RU Bochum) Christian Stüble (RU
More informationRealizing Trusted Clouds
Realizing Trusted Clouds with Trusted Computing and SCAP SICS Security Seminar April 08, 2014 Mudassar Aslam (Researcher,PhD Student) Security LAB (SEC Lab) 1 Outline Cloud Computing Trusted Clouds Cloud
More informationA Virtualized Linux Integrity Subsystem for Trusted Cloud Computing
A Virtualized Linux Integrity Subsystem for Trusted Cloud Computing Stefan Berger Joint work with: Kenneth Goldman, Dimitrios Pendarakis, David Safford, Mimi Zohar IBM T.J. Watson Research Center 09/21/2011
More informationCSE543 Computer and Network Security Module: Cloud Computing
CSE543 Computer and Network Security Module: Computing Professor Trent Jaeger 1 Computing Is Here Systems and Internet Infrastructure Security (SIIS) Laboratory 2 Computing Is Here Systems and Internet
More informationBuilding Blocks Towards a Trustworthy NFV Infrastructure
Building Blocks Towards a Trustworthy NFV Infrastructure IRTF NFVRG Adrian L. Shaw Hewlett-Packard Laboratories / July 22 nd, 2015 1 Why security and trust? Big requirement for critical
More informationHW (Fat001) TPM. Figure 1. Computing Node
1. Overview Two major components exist in our current prototype systems: the management node, including the Cloud Controller, Cluster Controller, Walrus and EBS, and the computing node, i.e. the Node Controller
More informationWilliam Hery (whery@poly.edu) Research Professor, Computer Science and Engineering NYU-Poly
William Hery (whery@poly.edu) Research Professor, Computer Science and Engineering NYU-Poly Ramesh Karri (rkarri@poly.edu) Associate Professor, Electrical and Computer Engineering NYU-Poly Why is cyber
More informationAppendix to; Assessing Systemic Risk to Cloud Computing Technology as Complex Interconnected Systems of Systems
Appendix to; Assessing Systemic Risk to Cloud Computing Technology as Complex Interconnected Systems of Systems Yacov Y. Haimes and Barry M. Horowitz Zhenyu Guo, Eva Andrijcic, and Joshua Bogdanor Center
More informationSecurity Considerations in Cloud Deployments Matthew Garrett <matthew.garrett@nebula.com>
Security Considerations in Cloud Deployments Matthew Garrett (cloud) Computing for the Enterprise Security concerns in traditional hosting Someone hacks your system Your hosting
More informationBypassing Local Windows Authentication to Defeat Full Disk Encryption. Ian Haken
Bypassing Local Windows Authentication to Defeat Full Disk Encryption Ian Haken Who Am I? Currently a security researcher at Synopsys, working on application security tools and Coverity s static analysis
More informationComputer Science. About PaaS Security. Donghoon Kim Henry E. Schaffer Mladen A. Vouk
About PaaS Security Donghoon Kim Henry E. Schaffer Mladen A. Vouk North Carolina State University, USA May 21, 2015 @ ICACON 2015 Outline Introduction Background Contribution PaaS Vulnerabilities and Countermeasures
More informationPlanning, Provisioning and Deploying Enterprise Clouds with Oracle Enterprise Manager 12c Kevin Patterson, Principal Sales Consultant, Enterprise
Planning, Provisioning and Deploying Enterprise Clouds with Oracle Enterprise Manager 12c Kevin Patterson, Principal Sales Consultant, Enterprise Manager Oracle NIST Definition of Cloud Computing Cloud
More informationVirtualization & Cloud Computing (2W-VnCC)
Virtualization & Cloud Computing (2W-VnCC) DETAILS OF THE SYLLABUS: Basics of Networking Types of Networking Networking Tools Basics of IP Addressing Subnet Mask & Subnetting MAC Address Ports : Physical
More informationSecurity Management of Cloud-Native Applications. Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM)
Security Management of Cloud-Native Applications Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM) 1 Outline Context State-of-the-Art Design Patterns Threats to cloud systems Security
More informationOverview of Windows 10 Requirements for TPM, HVCI and SecureBoot
presented by Overview of Windows 10 Requirements for TPM, HVCI and SecureBoot UEFI Spring Plugfest May 18-22, 2015 Gabe Stocco, Scott Anderson, Suhas Manangi Updated 2011-06-01 UEFI Plugfest May 2015 www.uefi.org
More informationPatterns for Secure Boot and Secure Storage in Computer Systems
Patterns for Secure Boot and Secure Storage in Computer Systems Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy Horst Görtz Institute for IT Security, Ruhr-University Bochum, Germany {hans.loehr,ahmad.sadeghi,marcel.winandy}@trust.rub.de
More informationvtpm: Virtualizing the Trusted Platform Module
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA vtpm: Virtualizing the
More informationLecture Overview. INF3510 Information Security Spring 2015. Lecture 4 Computer Security. Meaningless transport defences when endpoints are insecure
Lecture Overview INF3510 Information Security Spring 2015 Fundamental computer security concepts CPU and OS kernel security mechanisms Virtualization Memory Protection Trusted computing and TPM Lecture
More informationModule: Cloud Computing Security
Module: Cloud Computing Security Professor Trent Jaeger Penn State University 1 Cloud Computing Is Here Why not use it? Systems and Internet Infrastructure Security (SIIS) Laboratory 2 What s Happening
More informationRecipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory
Recipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory Tom Olzak October 2007 If your business is like mine, laptops regularly disappear. Until recently, centrally managed
More informationTrustworthy Computing
Stefan Thom Senior Software Development Engineer and Security Architect for IEB, Microsoft Rob Spiger, Senior Security Strategist Trustworthy Computing Agenda Windows 8 TPM Scenarios Hardware Choices with
More informationIndex. BIOS rootkit, 119 Broad network access, 107
Index A Administrative components, 81, 83 Anti-malware, 125 ANY policy, 47 Asset tag, 114 Asymmetric encryption, 24 Attestation commercial market, 85 facts, 79 Intel TXT conceptual architecture, 85 models,
More informationTowards Trustworthy Clouds
IBM Research Zurich Christian Cachin 12 September 2013 Towards Trustworthy Clouds 2009 IBM Corporation Cloud computing? 2 Cloud services are convenient No investment cost Pay only for consumption Scalable
More informationLecture Embedded System Security Dynamic Root of Trust and Trusted Execution
1 Lecture Embedded System Security Dynamic Root of Trust and Execution Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt (CASED) Germany Summer Term 2014 Dynamic Root
More informationCloud Security is a First Principle:
Cloud Security is a First Principle: Elements of Private Cloud Security Table of Contents Why the Security Minded are Drawn to Private Cloud Deployments....2 Security is the Driver Behind Private Clouds...3
More informationSistemi Operativi e Reti. Cloud Computing
1 Sistemi Operativi e Reti Cloud Computing Facoltà di Scienze Matematiche Fisiche e Naturali Corso di Laurea Magistrale in Informatica Osvaldo Gervasi ogervasi@computer.org 2 Introduction Technologies
More informationComparing Open Source Private Cloud (IaaS) Platforms
Comparing Open Source Private Cloud (IaaS) Platforms Lance Albertson OSU Open Source Lab Associate Director of Operations lance@osuosl.org / @ramereth About me OSU Open Source Lab Server hosting for Open
More informationNCTA Cloud Architecture
NCTA Cloud Architecture Course Specifications Course Number: 093019 Course Length: 5 days Course Description Target Student: This course is designed for system administrators who wish to plan, design,
More informationLecture 2 Cloud Computing & Virtualization. Cloud Application Development (SE808, School of Software, Sun Yat-Sen University) Yabo (Arber) Xu
Lecture 2 Cloud Computing & Virtualization Cloud Application Development (SE808, School of Software, Sun Yat-Sen University) Yabo (Arber) Xu Outline Introduction to Virtualization The Major Approaches
More informationSecurity. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««;
Security N Environments '' J J H -. i ^ s j}! Dave Shackleford '**»* t i j i««; l:i in: John Wiley &. Sons, Inc. Contents Introduction.. : xix Chapter l Fundamentals of Virtualization Security Virtualization
More informationA M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions
A M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions AMD DAS (DASH, AMD Virtualization (AMD-V ) Technology, and Security) 1.0 is a term used to describe the various
More informationhttp://www.vassure.com
Technical Case Study: Patch Management This is subsequent to Summary of Projects VMware - ESX Server to Facilitate: IMS, Server Consolidation, Storage & Testing with Production Server VAssure Virtualization
More informationCloud Security Overview
UT DALLAS Erik Jonsson School of Engineering & Computer Science Cloud Security Overview Murat Kantarcioglu Outline Current cloud security techniques Amazon Web services Microsoft Azure Cloud Security Challengers
More informationStorage and High Availability with Windows Server
Course 10971A: Storage and High Availability with Windows Server Course Details Course Outline Module 1: Disks and Volumes with Windows Server This module introduces you to different storage technologies.
More informationTrusted VM Snapshots in Untrusted Cloud Infrastructures
Trusted VM Snapshots in Untrusted Cloud Infrastructures Abhinav Srivastava 1, Himanshu Raj 2, Jonathon Giffin 3, Paul England 2 1 AT&T Labs Research 2 Microsoft Research 3 School of Computer Science, Georgia
More informationUEFI Implications for Windows Server
presented by UEFI Implications for Windows Server Taipei UEFI Plugfest March 18-22, 2013 Presented by Arie van der Hoeven (Microsoft Corporation) Updated 2011-06-01 Taipei UEFI Plugfest March 2013 www.uefi.org
More informationControl your corner of the cloud.
Chapter 1 of 5 Control your corner of the cloud. From the halls of government to the high-rise towers of the corporate world, forward-looking organizations are recognizing the potential of cloud computing
More informationCloud Security and Data Protection
Cloud Security and Data Protection Cloud Strategy Partners, LLC Sponsored by: IEEE Educational Activities and IEEE Cloud Computing Course Presenter s Biography This IEEE Cloud Computing tutorial has been
More information2) Xen Hypervisor 3) UEC
5. Implementation Implementation of the trust model requires first preparing a test bed. It is a cloud computing environment that is required as the first step towards the implementation. Various tools
More informationVirtualization System Security
Virtualization System Security Bryan Williams, IBM X-Force Advanced Research Tom Cross, Manager, IBM X-Force Security Strategy 2009 IBM Corporation Overview Vulnerability disclosure analysis Vulnerability
More informationUniversity of Messina, Italy
University of Messina, Italy IEEE MoCS 2011 Kerkyra - Greece June 28, 2011 Dr. Massimo Villari mvillari@unime.it Cross Cloud Federation Federated Cloud Scenario Cloud Middleware Model: the Stack The CLEVER
More informationMcAfee Public Cloud Server Security Suite
Installation Guide McAfee Public Cloud Server Security Suite For use with McAfee epolicy Orchestrator COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766,
More informationCloud Security Through Threat Modeling. Robert M. Zigweid Director of Services for IOActive
Cloud Security Through Threat Modeling Robert M. Zigweid Director of Services for IOActive 1 Key Points Introduction Threat Model Primer Assessing Threats Mitigating Threats Sample Threat Model Exercise
More informationSecuring your Virtual Datacenter. Part 1: Preventing, Mitigating Privilege Escalation
Securing your Virtual Datacenter Part 1: Preventing, Mitigating Privilege Escalation Before We Start... Today's discussion is by no means an exhaustive discussion of the security implications of virtualization
More informationBuilding More Reliable Cloud Services The CUMULUS Project
Building More Reliable Cloud Services The CUMULUS Project Antonio Álvarez Romero aalvarez@wtelecom.es London, 17 th June 2014 1 Table of contents Motivations Goals to be achieved What is CUMULUS? Application
More informationBefore we can talk about virtualization security, we need to delineate the differences between the
1 Before we can talk about virtualization security, we need to delineate the differences between the terms virtualization and cloud. Virtualization, at its core, is the ability to emulate hardware via
More informationCycurHSM An Automotive-qualified Software Stack for Hardware Security Modules
CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules Dr. Frederic Stumpf, ESCRYPT GmbH Embedded Security, Stuttgart, Germany 1 Introduction Electronic Control Units (ECU) are embedded
More informationDell High Availability Solutions Guide for Microsoft Hyper-V
Dell High Availability Solutions Guide for Microsoft Hyper-V www.dell.com support.dell.com Notes and Cautions NOTE: A NOTE indicates important information that helps you make better use of your computer.
More informationVmware Training. Introduction
Vmware Training Course: Vmware Training Duration: 25 Days (Regular) Mode of Training: Classroom (Instructor-Led) Virtualization has redefined the way IT resources are consumed and services are delivered.
More informationCourse 6331A: Deploying and Managing Microsoft System Center Virtual Machine Manager
Course 6331A: Deploying and Managing Microsoft System Center Virtual Machine Manager Length: 3 Days Language(s): English Audience(s): IT Professionals Level: 300 Technology: Microsoft System Center Virtual
More informationAcronis Backup & Recovery 11.5
Acronis Backup & Recovery 11.5 Update 2 Installation Guide Applies to the following editions: Advanced Server Server for Windows Virtual Edition Server for Linux Advanced Server SBS Edition Workstation
More informationServer Virtualization with Windows Server Hyper-V and System Center
Course 20409B: Server Virtualization with Windows Server Hyper-V and System Center Course Details Course Outline Module 1: Evaluating the Environment for Virtualization This module provides an overview
More informationWhat Is It? Business Architecture Research Challenges Bibliography. Cloud Computing. Research Challenges Overview. Carlos Eduardo Moreira dos Santos
Research Challenges Overview May 3, 2010 Table of Contents I 1 What Is It? Related Technologies Grid Computing Virtualization Utility Computing Autonomic Computing Is It New? Definition 2 Business Business
More informationIntroduction to OpenStack
Introduction to OpenStack Carlo Vallati PostDoc Reseracher Dpt. Information Engineering University of Pisa carlo.vallati@iet.unipi.it Cloud Computing - Definition Cloud Computing is a term coined to refer
More informationCLOUD COMPUTING. When It's smarter to rent than to buy
CLOUD COMPUTING When It's smarter to rent than to buy Is it new concept? Nothing new In 1990 s, WWW itself Grid Technologies- Scientific applications Online banking websites More convenience Not to visit
More informationImplementing Hardware Roots of Trust: The Trusted Platform Module Comes of Age Sponsored by the Trusted Computing Group (TCG)
Implementing Hardware Roots of Trust: The Trusted Platform Module Comes of Age Sponsored by the Trusted Computing Group (TCG) Speakers: Gal Shpantzer, John Pescatore (SANS Institute) Chris Hallum (Microsoft)
More information1 What is Cloud Computing?... 2 2 Cloud Infrastructures... 2 2.1 OpenStack... 2 2.2 Amazon EC2... 4 3 CAMF... 5 3.1 Cloud Application Management
1 What is Cloud Computing?... 2 2 Cloud Infrastructures... 2 2.1 OpenStack... 2 2.2 Amazon EC2... 4 3 CAMF... 5 3.1 Cloud Application Management Frameworks... 5 3.2 CAMF Framework for Eclipse... 5 3.2.1
More informationAcronym Term Description
This glossary contains definitions of terms created by TCG, or terms that have a particular meaning in trusted computing, or terms that cause particular confusion in trusted computing. Acronym Term Description
More informationTrusted Launch of Virtual Machine Instances in Public IaaS Environments
Trusted Launch of Virtual Machine Instances in Public IaaS Environments Nicolae Paladi 1, Christian Gehrmann 1, Mudassar Aslam 1, and Fredric Morenius 2 1 Swedish Institute of Computer Science, Stockholm,
More informationSession ID: Session Classification:
Session ID: Session Classification: Protecting Data with Encryption Access Control Protect Sensitive Data Protect and Manage Threats Groundbreaking Malware Resistance Protects the client, data, and corporate
More informationCA ARCserve Replication and High Availability Deployment Options for Hyper-V
Solution Brief: CA ARCserve R16.5 Complexity ate my budget CA ARCserve Replication and High Availability Deployment Options for Hyper-V Adding value to your Hyper-V environment Overview Server virtualization
More informationStorage and High Availability with Windows Server 10971B; 4 Days, Instructor-led
Storage and High Availability with Windows Server 10971B; 4 Days, Instructor-led Course Description Get hands-on instruction and practice provisioning your storage requirements and meeting your high availability
More informationSurvey on virtual machine security
Survey on virtual machine security Bright Prabahar P Post Graduate Scholar Karunya university Bijolin Edwin E Assistant professor Karunya university Abstract Virtualization takes a major role in cloud
More informationDeployment Options for Microsoft Hyper-V Server
CA ARCserve Replication and CA ARCserve High Availability r16 CA ARCserve Replication and CA ARCserve High Availability Deployment Options for Microsoft Hyper-V Server TYPICALLY, IT COST REDUCTION INITIATIVES
More informationT-110.5121 Mobile Cloud Computing Private Cloud & Assignment 2 19.10.2011
T-110.5121 Mobile Cloud Computing Private Cloud & Assignment 2 19.10.2011 Yrjö Raivio, Koushik Annapureddy, Ramasivakarthik Mallavarapu Aalto University, School of Science Department of Computer Science
More informationTowards Trustworthy Architectures for Secure Cloud Servers and End-User Devices
Towards Trustworthy Architectures for Secure Cloud Servers and End-User Devices Jakub Szefer and Prof. Ruby B. Lee Princeton University http://palms.princeton.edu/ 2013-03-11 ARO Invitational Workshop
More informationClodoaldo Barrera Chief Technical Strategist IBM System Storage. Making a successful transition to Software Defined Storage
Clodoaldo Barrera Chief Technical Strategist IBM System Storage Making a successful transition to Software Defined Storage Open Server Summit Santa Clara Nov 2014 Data at the core of everything Data is
More informationTrusted Launch of Generic Virtual Machine Images in Public IaaS Environments
Trusted Launch of Generic Virtual Machine Images in Public IaaS Environments Nicolae Paladi 1, Christian Gehrmann 1, Mudassar Aslam 1, and Fredric Morenius 2 1 Swedish Institute of Computer Science, Kista,
More informationProtect Sensitive Data Using Encryption Technologies. Ravi Sankar Technology Evangelist Microsoft Corporation http://ravisankar.spaces.live.
Protect Sensitive Data Using Encryption Technologies Ravi Sankar Technology Evangelist Microsoft Corporation http://ravisankar.spaces.live.com/blog Where is the User Data Stored? Q: Where is the biggest
More informationVIRTUALIZATION INTROSPECTION SYSTEM ON KVM-BASED CLOUD COMPUTING PLATFORMS. 100356010@nccu.edu.tw Advisor: yuf@nccu.edu.tw Software Security Lab.
VIRTUALIZATION INTROSPECTION SYSTEM ON KVM-BASED CLOUD COMPUTING PLATFORMS 100356010@nccu.edu.tw Advisor: yuf@nccu.edu.tw Software Security Lab. Motivation The era of cloud computing Motivation In the
More informationFundamentals of a Windows Server Infrastructure MOC 10967
Fundamentals of a Windows Server Infrastructure MOC 10967 Course Outline Module 1: Installing and Configuring Windows Server 2012 This module explains how the Windows Server 2012 editions, installation
More informationAutomating Big Data Benchmarking for Different Architectures with ALOJA
www.bsc.es Jan 2016 Automating Big Data Benchmarking for Different Architectures with ALOJA Nicolas Poggi, Postdoc Researcher Agenda 1. Intro on Hadoop performance 1. Current scenario and problematic 2.
More informationUNCLASSIFIED Version 1.0 May 2012
Secure By Default: Platforms Computing platforms contain vulnerabilities that can be exploited for malicious purposes. Often exploitation does not require a high degree of expertise, as tools and advice
More informationCourse Outline: Course 6331: Deploying and Managing Microsoft System Center Virtual Machine Manager Learning Method: Instructor-led Classroom Learning
Course Outline: Course 6331: Deploying and Managing Microsoft System Center Virtual Machine Manager Learning Method: Instructor-led Classroom Learning Duration: 3.00 Day(s)/ 24 hrs Overview: This three-day
More informationIntel Cloud Builder Guide to Cloud Design and Deployment on Intel Xeon Processor-based Platforms
Intel Cloud Builder Guide to Cloud Design and Deployment on Intel Xeon Processor-based Platforms Enomaly Elastic Computing Platform, * Service Provider Edition Executive Summary Intel Cloud Builder Guide
More informationComparing Ganeti to other Private Cloud Platforms. Lance Albertson Director lance@osuosl.org @ramereth
Comparing Ganeti to other Private Cloud Platforms Lance Albertson Director lance@osuosl.org @ramereth About me OSU Open Source Lab Server hosting for Open Source Projects Open Source development projects
More informationCloud Computing Security Requirements
Issues in Cloud Security Private, Public, Hybrid Abstract This white paper discusses the major computer security issues confronting an organization when moving to the cloud. Even for small companies, migrating
More informationOn the security of Virtual Machine migration and related topics
Master thesis On the security of Virtual Machine migration and related topics Ramya Jayaram Masti Submitted in fulfillment of the requirements of Master of Science in Computer Science Department of Computer
More informationAircloak Analytics: Anonymized User Data without Data Loss
Aircloak Analytics: Anonymized User Data without Data Loss An Aircloak White Paper Companies need to protect the user data they store for business analytics. Traditional data protection, however, is costly
More informationMicrosoft s Advantages and Goals for Hyper-V for Server 2016
Virtualization is a bedrock of modern cloud environments. Hypervisors manage the virtual machines in a cloud environments, providing six fundamental features, as shown in the table below. 1 Hypervisors
More informationOVAL+TPM. A Case Study in Enterprise Trusted Computing. Ariel Segall. June 21, 2011
OVAL+TPM A Case Study in Enterprise Trusted Computing Ariel Segall June 21, 2011 Approved for Public Release: 11-0144. Distribution Unlimited. c 2011. All Rights Reserved. (1/15) Motivation Goal: Demonstrate
More informationComputing Service Provision in P2P Clouds
Computing Service Provision in P2P Clouds Ghislain FOUODJI TASSE Supervisor: DR. Karen BRADSHAW Department of Computer Science Rhodes University Research Statement Leverage advantages of cloud computing
More informationEmbedded Trusted Computing on ARM-based systems
1 / 26 Embedded Trusted Computing on ARM-based systems Martin Schramm, M.Eng. 10.04.2014 Agenda 2 of 26 martin.schramm@th-deg.de Embedded computing platforms have become omnipresent intend to alleviate
More informationAbstract. 1 Introduction
Credo: Trusted Computing for s with a Commodity Hypervisor Himanshu Raj, David Robinson, Talha Bin Tariq, Paul England, Stefan Saroiu, Alec Wolman Microsoft Research Abstract This paper presents the Credo
More informationPrivate Virtual Infrastructure: A Model for Trustworthy Utility Cloud Computing UMBC Computer Science Technical Report Number TR-CS-10-04
Private Virtual Infrastructure: A Model for Trustworthy Utility Cloud Computing UMBC Computer Science Technical Report Number TR-CS-10-04 F. John Krautheim 1 Dhananjay S. Phatak Alan T. Sherman 1 Cyber
More informationTCG Based Approach for Secure Management of Virtualized Platforms State-of-the-art
SICS Technical Report T2010:05 ISSN 1100-3154 TCG Based Approach for Secure Management of Virtualized Platforms State-of-the-art (June 05, 2010) Mudassar Aslam, Christian Gehrmann {Mudassar.Aslam, Christian.Gehrmann}@sics.se
More informationTrusted Platforms for Homeland Security
Trusted Platforms for Homeland Security By Kevin Schutz, Product Manager Secure Products Summary Ongoing threats from hackers, viruses, and worms continue to make security a top priority for IT and business
More informationINTRODUCTION TO CLOUD MANAGEMENT
CONFIGURING AND MANAGING A PRIVATE CLOUD WITH ORACLE ENTERPRISE MANAGER 12C Kai Yu, Dell Inc. INTRODUCTION TO CLOUD MANAGEMENT Oracle cloud supports several types of resource service models: Infrastructure
More information10971B: Storage and High Availability with Windows Server
10971B: Storage and High Availability with Windows Server Course Details Course Code: Duration: Notes: 10971B 4 days This course syllabus should be used to determine whether the course is appropriate for
More informationWIND RIVER SECURE ANDROID CAPABILITY
WIND RIVER SECURE ANDROID CAPABILITY Cyber warfare has swiftly migrated from hacking into enterprise networks and the Internet to targeting, and being triggered from, mobile devices. With the recent explosion
More informationFrom 0 to Secure in 1 Minute APPSEC IL 2015. Moshe Ferber CCSK, CCSP
From 0 to Secure in 1 Minute APPSEC IL 2015 Moshe Ferber CCSK, CCSP #About Information security professional for over 20 years Popular industry speaker & lecturer (DefCon, BlackHat, Infosec and more) Co-Contributor
More informationTrusted Virtual Infrastructure Bootstrapping for On Demand Services.
Trusted Virtual Infrastructure Bootstrapping for On Demand Services. Abstract As cloud computing continues to gain traction, a great deal of effort is being expended in researching the most effective ways
More informationCitrix Training. Course: Citrix Training. Duration: 40 hours. Mode of Training: Classroom (Instructor-Led)
Citrix Training Course: Citrix Training Duration: 40 hours Mode of Training: Classroom (Instructor-Led) Virtualization has redefined the way IT resources are consumed and services are delivered. It offers
More informationInadequacies of Current Risk Controls for the Cloud
Inadequacies of Current Risk Controls for the Cloud Name: Michael Goldsmith Michael Auty, Sadie Creese and Paul Hopkins Venue: CPSRT@CloudCom2010, Indianapolis Date: 2 December 2010 Research supported
More informationElements to a Secure Environment Becoming Resilient Towards Modern Cyberthreats. Windows XP Support Has Ended Why It Concerns You
Elements to a Secure Environment Becoming Resilient Towards Modern Cyberthreats Windows XP Support Has Ended Why It Concerns You Protect Detect Respond 1 02 Windows XP support has ended Windows XP support
More informationAccelerate OpenStack* Together. * OpenStack is a registered trademark of the OpenStack Foundation
Accelerate OpenStack* Together * OpenStack is a registered trademark of the OpenStack Foundation Where are your workloads running Ensuring Boundary Control in OpenStack Cloud. Raghu Yeluri Principal Engineer,
More information