Secure Cloud Computing: An Architecture Ontology Approach
Kevin Jackson
Forces Driving Cloud Computing: The New IT Era (rev date 4/15/2009, slide 2)
Cloud Computing Value
Cloud Computing Challenge
Unified Ontology of Cloud Computing (Lamia Youseff, University of California, Santa Barbara; Maria Butrico and Dilma Da Silva, IBM T.J. Watson Research Center; http://www.cs.ucsb.edu/~lyouseff/ccontology/cloudontology.pdf), layers from top to bottom:
  - Cloud Application (SaaS)
  - Cloud Software Environment (PaaS)
  - Cloud Software Infrastructure: Computational Resources (IaaS), Storage (DaaS), Communications (CaaS)
  - Software Kernel
  - Firmware / Hardware (HaaS)
Tactical Employment Issues
  - Internet connectivity is assumed
  - SOA platform
  - Security management
  - Application service discovery and management
  - Workflow orchestration
  - Access management
Ontology Modifications for Tactical Cloud Computing (additions to the unified ontology)
  - Added above the application layer: Access Management
  - Added between the Cloud Application (SaaS) and Cloud Software Environment (PaaS) layers: Workflow Orchestration, Policy Engine, Security API, Services / Services Discovery, Service Management
  - Added to the Cloud Software Infrastructure layer: Network Connectivity (network security), alongside Computational Resources (IaaS), Storage (DaaS) and Communications (CaaS)
  - Unchanged: Cloud Application (SaaS), Cloud Software Environment (PaaS), Software Kernel, Firmware / Hardware (HaaS)
Tactical Cloud Computing Ontology (resulting stack, top to bottom)
  - Access Management
  - Cloud Application (SaaS)
  - Workflow Orchestration
  - Policy Engine
  - Security API
  - Services / Services Discovery
  - Service Management
  - Cloud Software Environment (PaaS)
  - Cloud Software Infrastructure: Network Connectivity, Computational Resources (IaaS), Storage (DaaS), Communications (CaaS)
  - Software Kernel
  - Firmware / Hardware (HaaS)
Ontology Modification: Federated SOA
  - Global Governance
  - Dynamic Tasking
  - Two tactical cloud stacks, each carrying the full layered ontology (Access Management, Cloud Application (SaaS), Workflow Orchestration, Policy Engine, Security API, Services / Services Discovery, Service Management, Cloud Software Environment (PaaS), Cloud Software Infrastructure with Network Connectivity, Computational Resources (IaaS), Storage (DaaS) and Communications (CaaS), Software Kernel, Firmware / Hardware (HaaS)), shown side by side as a federation
Secure Cloud Computing: An Approach (security measures mapped onto the tactical ontology)
  - Access Management: out-of-band authentication
  - Security API: use of services; binding of services
  - Services / Services Discovery: COI driven
  - Network Connectivity: no VPN; data-in-motion security
  - Computational Resources (IaaS): VM management; data-centric security model
  - Storage (DaaS): data-at-rest security; COI-driven access
  - Remaining layers as in the tactical ontology: Cloud Application (SaaS), Workflow Orchestration, Policy Engine, Service Management, Cloud Software Environment (PaaS), Cloud Software Infrastructure, Communications (CaaS), Software Kernel, Firmware / Hardware (HaaS)
SecureParser
  - Input created at any I/O point in the system: document, e-mail, database, video, map, imagery
  - Cryptographically splits data and creates physically separate, fault-tolerant shares
  - CDIP & COI Framework pipeline: AES Encryption -> Random Bit Split -> M of N Fault Tolerance -> Share Authentication
  - High-efficiency cryptographic module: provably-secure computational secret sharing; cryptographic data splitting; data integrity protection
  - Modules can be changed out, e.g. AES could be replaced with a Type I encryption if the requirement called for it
  - Physically separate shares (1, 2, 3, 4 ... a user-definable number of shares) written to storage (data at rest) or to networks (data in motion)
  - Fault tolerance; key management
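The "M of N fault tolerance" and "share authentication" stages of the pipeline above, as an added worked example; this is not SecureParser's code (the deck does not show its internals) but a stand-in showing the same two properties: a Shamir threshold split over GF(2^8) applied bytewise to a constructed payload, with an HMAC-SHA256 tag on every share so that a corrupted share is rejected before reconstruction. The AES encryption and random-bit-split stages are assumed to have run beforehand and are not implemented here; the authentication key, payload, and the choice of M=3, N=5 are constructed test values.

```python
"""Threshold (M of N) data splitting with authenticated shares.

Added illustration of the "M of N fault tolerance" and "share authentication"
stages; it is not SecureParser code. Each byte of the payload is the constant
term of a random polynomial of degree M-1 over GF(2^8); share x holds the
polynomial values at x. Any M authentic shares rebuild the payload, and fewer
than M reveal nothing about it (each byte's share is uniformly random).
"""
from dataclasses import dataclass
import hashlib
import hmac
import secrets

AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, the reduction polynomial of GF(2^8)


def gf_mul(a: int, b: int) -> int:
    """Multiply two elements of GF(2^8) (shift-and-add with reduction)."""
    product = 0
    while b:
        if b & 1:
            product ^= a
        a <<= 1
        if a & 0x100:
            a ^= AES_POLY
        b >>= 1
    return product


def gf_inv(a: int) -> int:
    """Multiplicative inverse in GF(2^8): a^254, valid for non-zero a."""
    result = 1
    for _ in range(254):
        result = gf_mul(result, a)
    return result


@dataclass(frozen=True)
class Share:
    index: int      # evaluation point x, 1..N
    threshold: int  # M: number of authentic shares needed to rebuild
    data: bytes     # one polynomial value per payload byte
    tag: bytes      # HMAC-SHA256 over index, threshold and data


def _tag(auth_key: bytes, index: int, threshold: int, data: bytes) -> bytes:
    """Share authentication tag; auth_key is a constructed, separately held key."""
    return hmac.new(auth_key, bytes([index, threshold]) + data, hashlib.sha256).digest()


def split_secret(payload: bytes, m: int, n: int, auth_key: bytes) -> list[Share]:
    """Split payload into N authenticated shares, any M of which rebuild it."""
    if not 1 <= m <= n <= 255:
        raise ValueError("need 1 <= M <= N <= 255")
    columns = {x: bytearray() for x in range(1, n + 1)}
    for byte in payload:
        # Random polynomial whose constant term is the payload byte.
        coeffs = [byte] + [secrets.randbelow(256) for _ in range(m - 1)]
        for x in columns:
            y = 0
            for c in reversed(coeffs):  # Horner evaluation at x
                y = gf_mul(y, x) ^ c
            columns[x].append(y)
    return [Share(x, m, bytes(col), _tag(auth_key, x, m, bytes(col)))
            for x, col in columns.items()]


def reconstruct_secret(shares: list[Share], auth_key: bytes) -> bytes:
    """Rebuild the payload from authentic shares; tampered shares are dropped."""
    authentic = {}
    for s in shares:
        if hmac.compare_digest(s.tag, _tag(auth_key, s.index, s.threshold, s.data)):
            authentic.setdefault(s.index, s)  # one share per evaluation point
    if not authentic:
        raise ValueError("no authentic shares")
    chosen = list(authentic.values())
    m = chosen[0].threshold
    if len(chosen) < m:
        raise ValueError(f"need {m} distinct authentic shares, have {len(chosen)}")
    chosen = chosen[:m]
    xs = [s.index for s in chosen]
    # Lagrange basis at x = 0; in GF(2^8) subtraction is XOR, so -x_k == x_k.
    basis = []
    for xj in xs:
        num = den = 1
        for xk in xs:
            if xk != xj:
                num = gf_mul(num, xk)
                den = gf_mul(den, xj ^ xk)
        basis.append(gf_mul(num, gf_inv(den)))
    out = bytearray()
    for i in range(len(chosen[0].data)):
        value = 0
        for share, lj in zip(chosen, basis):
            value ^= gf_mul(share.data[i], lj)
        out.append(value)
    return bytes(out)


if __name__ == "__main__":
    key = b"constructed-share-authentication-key"   # constructed test key
    payload = b"constructed tactical payload"        # constructed test data
    shares = split_secret(payload, 3, 5, key)
    print(reconstruct_secret(shares[1:4], key))      # any 3 of the 5 shares suffice
```

Each share is as long as the payload, which is what plain Shamir sharing costs; the "computational secret sharing" named on the slide keeps the share size near payload/M by sharing only the encryption key this way and dispersing the ciphertext with an erasure code, a step this example omits.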
Independent Testing and Evaluation
  - 2005 CWID: AFCA assessment and AF C2 Battle Lab demo; assessed as demonstrating the potential to be labeled an MLS/PL-4 system
  - 2005 DISA: Technical Information Panel (TIP) found it to have merit for further evaluation and consideration for use as an information assurance technology, with the potential to fundamentally alter the way storing and securing of data is approached
  - 2006 SOCOM: National Center for the Study of Counter-terrorism and Cybercrime IV&V completed successfully for the SOCOM MLS Pilot Project
  - 2006 EUCOM Combined Endeavor: Joint Interoperability Test Center (JITC) found the value of the SecureParser obvious; this capability not only offers increased security of data, but reduces costs by eliminating the need for redundant resources
  - 2008: Selected by DISA as a demonstration solution for CWID 08 (June 08); selected by NSA for the HAP Trade Study as a Crypto Service and for DAR
Mission: Network Centric Operations Industry Consortium (NCOIC)
  Our mission is to facilitate global realization of the benefit inherent in Network Centric Operations. To that end, we seek to enable continuously increasing levels of interoperability across the spectrum of joint, interagency, intergovernmental, and multinational industrial and commercial operations. We will execute this mission in good faith as a global organization with membership open to all enterprises in quest of applying the vast potential of network centric technology to the operational challenges faced by our nations and their citizens.
  - Past successes: Network Centric Analysis Tool (NCAT); NCOIC Interoperability Framework (NIF)
  - Future: develop operational art in support of netcentric operations; support operational art advances through collaboration (government, industry, non-profits, interest groups); provide value to members
  - Value to members: use of an NCOIC-developed process provided a differentiator in a recent European procurement for a member company; NCOIC Patterns address interoperability concerns of member government agencies
Cloud Computing Operational Art
  - Embrace collaboration: OSD tactical Cloud Computing (TIGR), Government Cloud Computing, Cloud Interoperability Forum
  - Use the Operational and Capability pattern process to develop Cloud Computing Technical Patterns
  - Identify key netcentric operations interoperability requirements and preferences within the identified technical patterns
  - Iterate with NCOIC stakeholder companies and government organizations
  - Use Capability and Operational patterns to validate the operational impact of reduced cloud interoperability
  - Leverage the analysis to drive cloud interoperability recommendations and best practices
Thank You!
Kevin.jackson@dataline.com
http://cloudcomputing.dataline.com
http://govcloud.ulitzer.com