20100925 cloudy security - porticor

•

0 gostou•419 visualizações

The document discusses bringing cloud operational benefits to security and privacy. It focuses on public cloud infrastructure as a service and platform as a service. The presentation agenda includes baseline security assumptions, threat analysis for cloud deployments, demonstrations of web application firewalls and securing data in the cloud, and how flexibility benefits security in the cloud.

Tecnologia

Bringing Cloud operational benefits to the world of security and privacy Gilad Parann-Nissany http://www.porticor.comcontact@porticor.com CSA Congress, November 16th-17th, 2010 12/7/2010 www.porticor.com © PORTICOR 2009, 2010

12/7/2010 www.porticor.com © PORTICOR 2009, 2010 2

Goals Focus: public cloud Because its in some ways more challenging than private cloud Focus: IaaS/PaaS SaaS controlled by vendor Agenda Baseline assumptions Threat analysis What’s really new? What’s not? Cloud-deployed security tools Demo: WAF in the cloud Cloud-specific security considerations Demo: securing the data layer Summary: flexibility in the cloud 12/7/2010 www.porticor.com © PORTICOR 2009, 2010 3 “Cloudy” Security

NOT “selling cloud” Customer IT has evaluated what they would feel comfortable putting in the cloud Customer IT understands that – in IaaS/PaaS – they still retain some responsibility Customer IT is asking the questions: “how to meet our responsibility, how to do security reasonably, and what are the tools to use?” 12/7/2010 www.porticor.com © PORTICOR 2009, 2010 4 Baseline assumptions for this discussion

Some known concepts translate to cloud with a twist APIs SaaS security Usage of IaaS And of course, there is some pretty new stuff More about this later… 12/7/2010 Copyright 2009, 2010 ©Porticor What’s new? What carries over?

12/7/2010 Copyright 2009, 2010 ©Porticor Translating known concepts to cloud Examples …and more

Cloud Data Demo 1 12/7/2010 Confidential ©Porticor Internet Business Compute

Secure distributed data storage Keys management Hypervisors and virtual machines Role of encryption changes New data protection measures emerge (i.e. fragmentation) Physical security of cloud environments 12/7/2010 www.porticor.com © PORTICOR 2009, 2010 9 Some new considerations

Cloud Demo 2 12/7/2010 Confidential ©Porticor Internet Business Mgmt Site Compute Data

Package complex privacy and security technology Get the operations and economics right Pay as you go Privacy and security solutions can be brought up in a reasonable time – not months Privacy and security have proper service level guarantees Backed by proper SLA and/or Warranty 12/7/2010 www.porticor.com © PORTICOR 2009, 2010 11 Elasticity, Flexibility, Management

12/7/2010 Confidential ©Porticor Thank You! Questions ?

Mais conteúdo relacionado

Mais procurados

Getting Your IT Security Learners Ready for the Cloud with CCSK Certification

ITpreneurs

Ten Type of Innovation - Universitas Indonesia

PT Datacomm Diangraha

Ciphercloud Solutions Overview hsa oct2011

Ramy Houssaini

Cisco Keynote at NetApp Insight - Berlin

Tim Stack

Businesses operate in a digital ecosystem that’s ever more connected, collaborative and complex. That means becoming a “self-sustaining enterprise”. What does this mean? Think about the business ecosystem as a neighbourhood. A self-sustaining enterprise understands and responds to who’s moving in and out, what they’re doing, and what threats they present. Identity is key to understanding and navigating new relationships in order to perform as effectively as possible while managing risk at an optimal level.

Identity Live Sydney 2017 - Michael Dowling

ForgeRock

CCSK Certificate of Cloud Computing Knowledge - overview

Peter HJ van Eijk

Cisco cloud strategy cisco

OpenSourceCamp

IBB Energie AG

Cisco Case Studies

uPort's Privacy Preserving User Management System for Ethereum dApps

Michael Sena

Nick Barcet, Open Source tijdens Infosecurity.nl Storage Expo en Tooling Even...

Infosecurity2010

MILCOM 2013 Keynote Presentation: Larry Payne

AFCEA International

The Cloud & I, The CISO challenges with Cloud Computing

Moshe Ferber

Internet of everything

Jayesh Pai

CCSK, cloud security framework, Indonesia

Wise Pacific Venture

Intel’s Strategy in IoT Standards

NFC Forum

Ramin elahi fog_computing_ecosystem_final_dec22_updated

HarshitParkar6677

Neotel is South Africa’s first converged telecommunications network operator, providing business, wholesale, and consumer voice and data services. Cisco Smart Net Total CareTM provides Neotel with proactive support to optimise and secure the network, solving problems faster, improving operational efficiency, and reducing the risk of downtime.“Smart Net Total Care has proactively supported, optimised, and secured our network performance, allowing us to pay more attention to the running of our business.” — Chala Rao, Chief Network Officer, Neotel

Neotel

Cisco Case Studies

loud computing is evolving fast, and so are the threats and defense tactics. Cloud consumers and providers should always be aware of the latest risks and attack vectors and explore the latest security events to identify new attack vectors. Here, we’ll provide you with a list of the latest threats and discuss their effect on our security posture, and review a recent case study of attacks relevant to those threats.

The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose

Moshe Ferber

Devil's Bargain: Sacrificing Strategic Investments to Fund Today's Problems

scoopnewsgroup

Enterprise Ethereum : How It Differs From DLT?

Blockchain Council

Mais procurados (20)

Getting Your IT Security Learners Ready for the Cloud with CCSK Certification

Ten Type of Innovation - Universitas Indonesia

Ciphercloud Solutions Overview hsa oct2011

Cisco Keynote at NetApp Insight - Berlin

Identity Live Sydney 2017 - Michael Dowling

CCSK Certificate of Cloud Computing Knowledge - overview

Cisco cloud strategy cisco

IBB Energie AG

uPort's Privacy Preserving User Management System for Ethereum dApps

Nick Barcet, Open Source tijdens Infosecurity.nl Storage Expo en Tooling Even...

MILCOM 2013 Keynote Presentation: Larry Payne

The Cloud & I, The CISO challenges with Cloud Computing

Internet of everything

CCSK, cloud security framework, Indonesia

Intel’s Strategy in IoT Standards

Ramin elahi fog_computing_ecosystem_final_dec22_updated

Neotel

The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose

Devil's Bargain: Sacrificing Strategic Investments to Fund Today's Problems

Enterprise Ethereum : How It Differs From DLT?

Destaque

Mindfulness

Alan Bassett

Wentworth LOR

Kevin D. Wentworth

Congratulations, you got an interview... now what?! During this workshop we'll look at what to expect when interviewing at different types of libraries: academic, special, and public. We'll discuss both remote and in-person interviews, and talk about the importance of doing your research, preparing questions for your interviewers, and showing confidence and personality during your interview. We will talk about, and critique, interview-appropriate attire, as well as give you tips on staying comfortable while looking professional. We will work on developing your elevator pitch, and practice answering the most commonly asked interview questions. And, finally, we will provide advice on how to follow up after the interview. Throughout, we'll emphasize how to go beyond the qualifications listed on your resume in order to show a potential employer that you are the right candidate for the job.

Preparing for Today's Job Market - The Interview

Susanne Markgren

Zyga Patient Brochure

Ann Brucciani Lyon

Prezentacja dzielnice

MadMuflon

Wentworth LOR (Billingsley)

Kevin D. Wentworth

pinkdino A4 2

Daniel Herkert

Welcome by Programmatic Bootcamp Host

iMedia Connection

Synthèse-Publics du Festival d'Avignon 2011

Aude Rochat

FINAL CAPSTONE Library

Nicholas Morciglio

ส่วนประกอบของซอกันตรึม สัดส่วนของซอกันตรึมนั้นจะเอาแน่นอนไม่ได้ ทั้งนี้เพราะต้นมะพร้าวไม่สามารถออกลูกให้เท่าๆกันทุกลูกได้ ด้วยเหตุนี้ซอกันตรึมจึงมีกะโหลกเล็กบ้างใหญ่บ้างไม่เท่ากัน

Kanjana02

pradabsook

Destaque (11)

Mindfulness

Wentworth LOR

Preparing for Today's Job Market - The Interview

Zyga Patient Brochure

Prezentacja dzielnice

Wentworth LOR (Billingsley)

pinkdino A4 2

Welcome by Programmatic Bootcamp Host

Synthèse-Publics du Festival d'Avignon 2011

FINAL CAPSTONE Library

Kanjana02

Semelhante a 20100925 cloudy security - porticor

Porticor - Can Data be safe in Public Clouds, in Compliance with Standards

giladpn

Slides 530 a2

onlineservice530

Security in Cloud Computing

Ashish Patel

Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.

Cloud Computing Security Issues and Challenges

CSCJournals

No More Dark Clouds: A Privacy Preserving Framework for the Cloud

PaaSword EU Project

An Analysis of Cloud Security

IRJET Journal

PROOM

PROCAD GmbH & Co. KG

Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...

Mark Silverberg

Massonet Philippe Panel - Security in the clouds: An Academic Perspective

ServiceWave 2010

What is cloud

maxminhaj1

Fio presentation on Cloud Computing Solution

Ravi Srinivasan

Executive Briefing: Strategic Issues Surrounding Cloud Services

WhitmeyerTuffin

How Secure Is Cloud

William Lam

600.412.Lecture05

ragibhasan

International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.

Ad4502189193

IJERA Editor

Research Report: Cloud Trends in 2011 and beyond

Krishnan Subramanian

The Management of Security in Cloud Computing Ramgovind S, Eloff MM, Smith E School of Computing, University of South Africa, Pretoria, South Africa [email protected]; {eloff, smithe}@unisa.ac.za Abstract—Cloud computing has elevated IT to newer limits by offering the market environment data storage and capacity with flexible scalable computing processing power to match elastic demand and supply, whilst reducing capital expenditure. However the opportunity cost of the successful implementation of Cloud computing is to effectively manage the security in the cloud applications. Security consciousness and concerns arise as soon as one begins to run applications beyond the designated firewall and move closer towards the public domain. The purpose of the paper is to provide an overall security perspective of Cloud computing with the aim to highlight the security concerns that should be properly addressed and managed to realize the full potential of Cloud computing. Gartner’s list on cloud security issues, as well the findings from the International Data Corporation enterprise panel survey based on cloud threats, will be discussed in this paper. Keywords- Cloud computing; Security; Public cloud, Private cloud, Hybrid Cloud, policies, cloud transparency I. INTRODUCTION The success of modern day technologies highly depends on its effectiveness of the world’s norms, its ease of use by end users and most importantly its degree of information security and control. Cloud computing is a new and emerging information technology that changes the way IT architectural solutions are put forward by means of moving towards the theme of virtualisation: of data storage, of local networks (infrastructure) as well as software [1-2]. In a survey undertaken by the International Data Corporation (IDC) group between 2008 and 2009, the majority of results point to employing Cloud computing as a low-cost viable option to users [3]. The results also show that Cloud computing is best suited for individuals who are seeking a quick solution for startups, such as developers or research projects and even e-commerce entrepreneurs. Using Cloud computing can help in keeping one’s IT budget to a bare minimum. It is also ideally suited for development and testing scenarios. It is the easiest solution to test potential proof of concepts without investing too much capital. Cloud computing can deliver a vast array of IT capabilities in real time using many different types of resources such as hardware, software, virtual storage once logged onto a cloud. Cloud computing can also be part of a broader business solution whereby prioritised applications utilise Cloud computing functionality whilst other critical applications maintain organisational resources as per normal. This allows for cost saving whilst maintaining a secure degree of control within an orgainsation. Cloud computing can be seen as a service-oriented ...

The Management of Security in Cloud Computing Ramgovind.docx

cherry686017

Presentation capturing the cloud opportunity

xKinAnx

Cloud Computing - Why and How? (by Forrester Research, Inc.)

José Ferreiro

Cloud Computing & Security Concerns

University of San Francisco

Semelhante a 20100925 cloudy security - porticor (20)

Porticor - Can Data be safe in Public Clouds, in Compliance with Standards

Slides 530 a2

Security in Cloud Computing

Cloud Computing Security Issues and Challenges

No More Dark Clouds: A Privacy Preserving Framework for the Cloud

An Analysis of Cloud Security

PROOM

Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...

Massonet Philippe Panel - Security in the clouds: An Academic Perspective

What is cloud

Fio presentation on Cloud Computing Solution

Executive Briefing: Strategic Issues Surrounding Cloud Services

How Secure Is Cloud

600.412.Lecture05

Ad4502189193

Research Report: Cloud Trends in 2011 and beyond

The Management of Security in Cloud Computing Ramgovind.docx

Presentation capturing the cloud opportunity

Cloud Computing - Why and How? (by Forrester Research, Inc.)

Cloud Computing & Security Concerns

Último

Tata AIG General Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

A Domino Admins Adventures (Engage 2024)

Gabriella Davis

The presentation explores the development and application of artificial intelligence (AI) from its inception to its current status in the modern world. The term "artificial intelligence" was first coined by John McCarthy in 1956 to describe efforts to develop computer programs capable of performing tasks that typically require human intelligence. This concept was first introduced at a conference held at Dartmouth College, where programs demonstrated capabilities such as playing chess, proving theorems, and interpreting texts. In the early stages, Alan Turing contributed to the field by defining intelligence as the ability of a being to respond to certain questions intelligently, proposing what is now known as the Turing Test to evaluate the presence of intelligent behavior in machines. As the decades progressed, AI evolved significantly. The 1980s focused on machine learning, teaching computers to learn from data, leading to the development of models that could improve their performance based on their experiences. The 1990s and 2000s saw further advances in algorithms and computational power, which allowed for more sophisticated data analysis techniques, including data mining. By the 2010s, the proliferation of big data and the refinement of deep learning techniques enabled AI to become mainstream. Notable milestones included the success of Google's AlphaGo and advancements in autonomous vehicles by companies like Tesla and Waymo. A major theme of the presentation is the application of generative AI, which has been used for tasks such as natural language text generation, translation, and question answering. Generative AI uses large datasets to train models that can then produce new, coherent pieces of text or other media. The presentation also discusses the ethical implications and the need for regulation in AI, highlighting issues such as privacy, bias, and the potential for misuse. These concerns have prompted calls for comprehensive regulations to ensure the safe and equitable use of AI technologies. Artificial intelligence has also played a significant role in healthcare, particularly highlighted during the COVID-19 pandemic, where it was used in drug discovery, vaccine development, and analyzing the spread of the virus. The capabilities of AI in healthcare are vast, ranging from medical diagnostics to personalized medicine, demonstrating the technology's potential to revolutionize fields beyond just technical or consumer applications. In conclusion, AI continues to be a rapidly evolving field with significant implications for various aspects of society. The development from theoretical concepts to real-world applications illustrates both the potential benefits and the challenges that come with integrating advanced technologies into everyday life. The ongoing discussion about AI ethics and regulation underscores the importance of managing these technologies responsibly to maximize their their benefits while minimizing potential harms.

Artificial Intelligence: Facts and Myths

Joaquim Jorge

The 7 Things I Know About Cyber Security After 25 Years | April 2024

Rafal Los

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

Real Time Object Detection Using Open CV

Khem

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Neo4j

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

apidays

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Principled Technologies

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

Imagine a world where information flows as swiftly as thought itself, making decision-making as fluid as the data driving it. Every moment is critical, and the right tools can significantly boost your organization’s performance. The power of real-time data automation through FME can turn this vision into reality. Aimed at professionals eager to leverage real-time data for enhanced decision-making and efficiency, this webinar will cover the essentials of real-time data and its significance. We’ll explore: FME’s role in real-time event processing, from data intake and analysis to transformation and reporting An overview of leveraging streams vs. automations FME’s impact across various industries highlighted by real-life case studies Live demonstrations on setting up FME workflows for real-time data Practical advice on getting started, best practices, and tips for effective implementation Join us to enhance your skills in real-time data automation with FME, and take your operational capabilities to the next level.

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Safe Software

20100925 cloudy security - porticor

1. Bringing Cloud operational benefits to the world of security and privacy Gilad Parann-Nissany http://www.porticor.comcontact@porticor.com CSA Congress, November 16th-17th, 2010 12/7/2010 www.porticor.com © PORTICOR 2009, 2010

3. Goals Focus: public cloud Because its in some ways more challenging than private cloud Focus: IaaS/PaaS SaaS controlled by vendor Agenda Baseline assumptions Threat analysis What’s really new? What’s not? Cloud-deployed security tools Demo: WAF in the cloud Cloud-specific security considerations Demo: securing the data layer Summary: flexibility in the cloud 12/7/2010 www.porticor.com © PORTICOR 2009, 2010 3 “Cloudy” Security

4. NOT “selling cloud” Customer IT has evaluated what they would feel comfortable putting in the cloud Customer IT understands that – in IaaS/PaaS – they still retain some responsibility Customer IT is asking the questions: “how to meet our responsibility, how to do security reasonably, and what are the tools to use?” 12/7/2010 www.porticor.com © PORTICOR 2009, 2010 4 Baseline assumptions for this discussion

5. Shared Technology Vulnerabilities Data Loss/Data Leakage Malicious Insiders Account Service or Hijacking of Traffic Insecure APIs Nefarious Use of Service Unknown Risk Profile 12/7/2010 www.porticor.com © PORTICOR 2009, 2010 5 Threat Analysis: I/PaaS PaaS Platform as a Service IaaS Infrastructure as a Service (*) courtesy “Cloud Security Alliance: Assuring the future of Cloud Computing”: S. Loureiro, 2010

6. Some known concepts translate to cloud with a twist APIs SaaS security Usage of IaaS And of course, there is some pretty new stuff More about this later… 12/7/2010 Copyright 2009, 2010 ©Porticor What’s new? What carries over?

9. Secure distributed data storage Keys management Hypervisors and virtual machines Role of encryption changes New data protection measures emerge (i.e. fragmentation) Physical security of cloud environments 12/7/2010 www.porticor.com © PORTICOR 2009, 2010 9 Some new considerations

11. Package complex privacy and security technology Get the operations and economics right Pay as you go Privacy and security solutions can be brought up in a reasonable time – not months Privacy and security have proper service level guarantees Backed by proper SLA and/or Warranty 12/7/2010 www.porticor.com © PORTICOR 2009, 2010 11 Elasticity, Flexibility, Management

20100925 cloudy security - porticor

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Destaque

Destaque (11)

Semelhante a 20100925 cloudy security - porticor

Semelhante a 20100925 cloudy security - porticor (20)

Último

Último (20)

20100925 cloudy security - porticor