SlideShare une entreprise Scribd logo
1  sur  79
Télécharger pour lire hors ligne
Cloud Computing & Security: Are
    there clouds in our sky ?
> Antonio Sanz
  > I3A - IT Manager
    > Security Expert
> http://i3a.unizar.es
 > ansanz@unizar.es
  > @antoniosanzalc
Cloud
Computing
Index                                        4




     > Cloud Computing

     > Opportunities

     > Cloud Computing risks

     > Migrating to a Cloud Infraestructure



Tema 1: Diseño de software seguro
Cloud Computing Security
“Cloud computing is a model for
  enabling ubiquitous, convenient,
 on-demand network access to a
    shared pool of configurable
     computing resources (e.g.,
     networks, servers, storage,
applications, and services) that can
    be rapidly provisioned and
released with minimal management
      effort or service provider
             interaction”

    [*First & last boring slide. Promise]
Cloud Computing: Main point        6




         >On demand
         >Ubiquous
         >Resource pool
         >Elastic
         >Measureable
Tema 1: Diseño de software seguro
Cloud Computing Security
Service Types
IaaS – Infrastructure as a Service                        8



                            > Raw infrastructure

                            > Storage, network & servers

                            > We do the rest

                            > Flexible but costly

                            > Ej: Amazon AWS



Tema 1: Diseño de software seguro
Cloud Computing Security
PaaS – Platform as a Service                           9



                         > You’ve got the OS but no
                           apps

                         > IaaS + OS + Base services

                         > App deploying ok (.jar)

                         > Less control but less cost

                         > Ej: Google App Engine



Tema 1: Diseño de software seguro
Cloud Computing Security
SaaS – Software as a Service                             10



                            > You’ve got everything

                            > Iaas + Paas + Apps

                            > Ready to go

                            > Minimal control / Minimal
                              effort

                            > Ej: Salesforce.com (CRM)



Tema 1: Diseño de software seguro
Cloud Computing Security
Public, Private Clouds                      11




         > Públic: Public access, shared
           resources, (-security, -cost)
           Ej: Amazon AWS

         > Private: Private access,
           dedicated resources (+security,
           +cost)
           Ej: NASA Nebula     OpenStack



Tema 1: Diseño de software seguro
Cloud Computing Security
Community , Hybrid                        12




        > Community: Group that shares
          a private cloud
          Ej: Business holding

        > Hybrid: Mix some of the others




Tema 1: Diseño de software seguro
Cloud Computing Security
Technology
Technologies                            14



        > Virtualization

        > Shared storage

        > High speed networks

        > Multidevice access

        > Advanced Middleware (access,
          monitoring, provisioning)



Tema 1: Diseño de software seguro
Cloud Computing Security
Advantages
Cloud Computing Pros                16



        > Elasticity / Scalability

        > Availability

        > Performance

        > Ubiquous access

        > Very low CAPEX

        > OPEX savings


Tema 1: Diseño de software seguro
Cloud Computing Security
Success Case
Amazon AWS - http://aws.amazon.com/          18



        > Amazon Web Services

        > EC2 (Elastic Cloud Computing)

        > S3 (Simple Storage Service)

        > You can do … almost everything

        > Others: Rackspace, vCloud, Azure,
          IBM (great, too)



Tema 1: Diseño de software seguro
Cloud Computing Security
NetFlix - http://www.netflix.com/               19



     > Video streaming (Films, serials, shows)

     > Almost 20% of EEUU bandwidth

     > Uses Amazon AWS

     > Benefits: Escalability + Availability

     > Video transcoding “on the fly” with EC2

     > Video storage in EC3 with S3

     > Usage data analysis with EC2



Tema 1: Diseño de software seguro
Cloud Computing Security
Dropbox - http://www.dropbox.com/                 20



        > Backup in the cloud

        > Around 12Pb (12.000 Tb)

        > Uses Amazon S3

        > Benefit: Escalability

        > Business model (VIP):
          http://www.w2lessons.com/2011/04/econo
          mics-of-dropbox.html



Tema 1: Diseño de software seguro
Cloud Computing Security
Technology

             Cloud
               Is
             Good!
Cloud Computing Risks
Business Risks
Vendor Lock-In
= To have you
  by the   balls

Vendor Lock-In
Vendor Lock-In
Vendor lock-in                                     27



     > It’s hard to say goodbye

     > SaaS : No “export” option

     > PaaS : API interoperability

     > IaaS : Different technologies

     > Defsense: Right CP (Cloud Provider) choice



Tema 1: Diseño de software seguro
Cloud Computing Security
Lack of IT Governance
Lack of IT Governance                      29




    > IT Governance != Cloud Computing
      Governance

    > Limited funcionalities / High costs

    > Loss of Control of our IT

    > Defense: Clear objectives & design,
      Right CP choice



Tema 1: Diseño de software seguro
Cloud Computing Security
Compliance & Laws
Compliance & Laws                          31




       > We need to comply with all the
         regulations (PCI DSS, LOPD)

       > Imposes transitive compliance on
         the CP

       > Legal lapses

       > Defense: Good analysis, right CP
         choice



Tema 1: Diseño de software seguro
Cloud Computing Security
SLAs
SLA (Service Level Agreements)       33



      > Contract signed with CP

      > Services offered

      > Warranties offered

      > Service metrics &
        compensations/penalties

      > Defense: SLA study & tuning



Tema 1: Diseño de software seguro
Cloud Computing Security
Provider Failures
Provider failures                       35



        > “Errare machina est”

        > Starting security standards

        > CP Business Continuity plan

        > OUR Business Continuity plan

        > Defense: Business continuity
          definition, right CP choice



Tema 1: Diseño de software seguro
Cloud Computing Security
Third party failures
Third party failures                             37



        > CP = Service & Technologies
          Integrator

        > But … what about electricity,
          connectivity, HVAC ?

        > We have to take care of our
          facilities too

        > Defense: Right CP choice, third party
          evaluation (CP and proper)


Tema 1: Diseño de software seguro
Cloud Computing Security
Technical risks
Resource
Starvation
Resource starvation                            40




       > Resources are assigned on demand

       > CP scales up … but how ?

       > Situation: No more resources
         available when they were most
         needed !!

       > Defense: Resource reservation, right
         CP choice


Tema 1: Diseño de software seguro
Cloud Computing Security
Isolation Faults
Isolation Faults                                 42




     > Cloud = Shared Resources = Shared flat

     > How secure is your neighbour ?

     > Third party security failure   Everybody
       is compromised

     > Defense: Private Clouds, right CP choice




Tema 1: Diseño de software seguro
Cloud Computing Security
Data leaks
Data leaks                                       44




        > Lots of sensitive info in our CP

        > Disgruntled employees

        > Wrong service configuration

        > Defense: Right CP choice, cipher use,
          log reviews




Tema 1: Diseño de software seguro
Cloud Computing Security
Data Transit
Data Transit                                46




        > Network        Information flows

        > Local interception

        > On transit interception

        > In-Cloud Intercepcion

        > Defense: SSL, cipher use




Tema 1: Diseño de software seguro
Cloud Computing Security
Cloud Provider Compromise
CP Compromise                                    48



     > Cloud = Technology mesh = Lots of
       possible security flaws

     > Cloud interface management attacks

     > Cloud user management attacks

     > Infrastructure attacks

     > Defense: Right CP choice, SLAs, incident
       response planning


Tema 1: Diseño de software seguro
Cloud Computing Security
DDOS
DDOS / EDOS                                        50



        > DDOS (Distributed Denial Of Service)

        > Intended to take down an infrastructure
          Attack to availability

        > Cloud    Neighbour are collateral damage

        > EDOS (Economic Denial of Service)

        > Intended to cause economic damage

        > Defense: SLAs, charge limits, incident
          response



Tema 1: Diseño de software seguro
Cloud Computing Security
Cipher & Backup
Cipher                                        52



        > Sensible info      Cipher

        > Secure information deletion (wipe)

        > Defensas: Strong ciphers, guardar
          claves, SLA




Tema 1: Diseño de software seguro
Cloud Computing Security
Backups                                        53




        > Info is EVERYTHING        Backups

        > Don’t forget your backups (even if
          the CP does … you too)

        > Automated procedure

        > Defensa: Procedure design, right CP
          choice




Tema 1: Diseño de software seguro
Cloud Computing Security
Logs Access                                     54



        > Logs = Activity of our IT

        > Needed to do debugging

        > Critic if a security incident arises

        > How can access my logs ?

        > Defense: SLA, right CP choice




Tema 1: Diseño de software seguro
Cloud Computing Security
Disaster
Recovery
Disaster Recovery                                    56



     > Shit happens (Murphy’s Law)

     > Earthquakes, fires, floods, alien invasions…

     > Our CP must have a Business Continuity
       plan

     > We must have ours !!

     > Defense: Business Continuity plan



Tema 1: Diseño de software seguro
Cloud Computing Security
57
Legal Risks




Tema 1: Diseño de software seguro
Cloud Computing Security
Compliance & Laws                               58




        > Lots of laws & regulations

        > Is our CP compliant ?

        > National & International laws

        > Defense: Preliminary analysis, right
          CP choice




Tema 1: Diseño de software seguro
Cloud Computing Security
Data protection                                 59



        > LOPD (Ley Orgánica de Protección
          de Datos)

        > Cloud implies sometimes
          international data transfers
          Complicated issues

        > Safe Harbour       Amazon, Google

        > Defense: Preliminary analysis, right
          CP choice


Tema 1: Diseño de software seguro
Cloud Computing Security
Computer Forensic                          60



       > Security incident in our CP
         Someone has set up a child
         pornography site

       > Maybe anyone in our cloud !!

       > Possible result = Server seizure

       > Defense: Right CP choice, SLA,
         Business Continuity plan


Tema 1: Diseño de software seguro
Cloud Computing Security
Using Cloud Computing
Analyze
Identify Services                             63




       > Services that can benefit most from
         Cloud Computing

       > Main benefits: Scalability,
         Availability & Elasticity

       > Intermitent but heavy resource use
         services (Ej: Sports newspapers on
         mondays)



Tema 1: Diseño de software seguro
Cloud Computing Security
Evaluate CC models                           64



        > IaaS, PaaS, SaaS ?

        > ¿Public, Private, Hybrid,
          Community?

        > See what others like us are doing

        > Decide which model fits our needs
          best



Tema 1: Diseño de software seguro
Cloud Computing Security
Know
Defining security needs                        66



        > Know our service throughly

        > Define the information flows

        > Identify sensitive info

        > Measure how critical the service is

        > Assign a value to the srevice



Tema 1: Diseño de software seguro
Cloud Computing Security
Risk Analysis                                67




       > Know the existing risks when using
         cloud computing

       > Apply them to our service

       > Define a maximum risk level

       > Important!: Be utterly objective




Tema 1: Diseño de software seguro
Cloud Computing Security
Plan
Evaluate cloud providers                   69



        > Read carefully the SLA (Service
          Level Agreements)

        > Read it again

        > Evaluate security compliance

        > Added value services

        > Price !



Tema 1: Diseño de software seguro
Cloud Computing Security
Security controls                        70




       > Define security controls

       > Controls in the cloud & our IT

       > Technical & procedural control

       > Target: Lower our real risk




Tema 1: Diseño de software seguro
Cloud Computing Security
Decide
Bean counting …                              72



        > Migration costs

        > Cloud operation costs

        > Current operation costs

        > Troubleshooting costs (both cloud
          & current)

        > Make money talk …



Tema 1: Diseño de software seguro
Cloud Computing Security
Make a decision                                73



        > Evaluate pros & cons of our current
          IT model & cloud computing

        > It’s not all about money …

        > Informed decision taking

        > You always should have a plan B




Tema 1: Diseño de software seguro
Cloud Computing Security
CC offers great
  opportunities
CC has   risks
          There has to
            be a plan
Conclusiones                              75




     >Cloud computing is here

     >Lots of business models &
      opportunities

     >Must know all the risks

     >Must have a sensible business plan



Tema 1: Diseño de software seguro
Cloud Computing Security
Conclusiones


               I love it
               when a
               cloud
                 plan
                comes
               together
Don’t be under a cloud !
More info?. Press here !                                          78



  Cloud Security Alliance
  https://cloudsecurityalliance.org/

  Cloud Computing Security Guide - CSA
  http://cloudsecurityalliance.org/guidance/csaguide.v2.1.pdf

  ENISA – Cloud Computing Security Risks
  http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-
     risk-assessment

  Australia Gov. - Cloud Computing Risk Analysis Report
  http://www.dsd.gov.au/publications/Cloud_Computing_Security_Consid
     erations.pdf




Tema 1: Diseño de software seguro
Cloud Computing Security
Have a plan and jump into the sky !




Antonio Sanz / ansanz@unizar.es / @antoniosanzalc
    $slides = http://www.slideshare.net/ansanz

Contenu connexe

Tendances

Cloud Computing Presentation
Cloud Computing PresentationCloud Computing Presentation
Cloud Computing PresentationVivek Ravindran
 
Cloud computing and service models
Cloud computing and service modelsCloud computing and service models
Cloud computing and service modelsPrateek Soni
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud ComputingFalgun Rathod
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Mahesh Tibrewal
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
Cloud computing presentation
Cloud computing presentation  Cloud computing presentation
Cloud computing presentation hemanth S R
 
Introduction To Cloud Computing
Introduction To Cloud ComputingIntroduction To Cloud Computing
Introduction To Cloud ComputingLiming Liu
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesDheeraj Negi
 
Cloud deployment models
Cloud deployment modelsCloud deployment models
Cloud deployment modelsAshok Kumar
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security Akhila Param
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsDr. Sunil Kr. Pandey
 
Data Protection in Transit and at Rest
Data Protection in Transit and at RestData Protection in Transit and at Rest
Data Protection in Transit and at RestAmazon Web Services
 

Tendances (20)

Cloud Computing Presentation
Cloud Computing PresentationCloud Computing Presentation
Cloud Computing Presentation
 
Cloud computing and service models
Cloud computing and service modelsCloud computing and service models
Cloud computing and service models
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing Architecture
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud computing presentation
Cloud computing presentationCloud computing presentation
Cloud computing presentation
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
 
Cloud computing presentation
Cloud computing presentation  Cloud computing presentation
Cloud computing presentation
 
Introduction To Cloud Computing
Introduction To Cloud ComputingIntroduction To Cloud Computing
Introduction To Cloud Computing
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
 
Cloud deployment models
Cloud deployment modelsCloud deployment models
Cloud deployment models
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing ppt
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and Applications
 
Cloud security
Cloud securityCloud security
Cloud security
 
Data Protection in Transit and at Rest
Data Protection in Transit and at RestData Protection in Transit and at Rest
Data Protection in Transit and at Rest
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 

En vedette

Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issuesAleem Mohammed
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computingPrince Chandu
 
Cloud computing security - Insights
Cloud computing security - InsightsCloud computing security - Insights
Cloud computing security - Insightsgiorgiacaleffi
 
Cloud computing & Security presentation
Cloud computing & Security presentationCloud computing & Security presentation
Cloud computing & Security presentationParveen Yadav
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityPiyush Mittal
 
Cloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksCloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksWilliam McBorrough
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationVenkateswar Reddy Melachervu
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityDhaval Dave
 
2013 State of Cloud Survey SMB Results
2013 State of Cloud Survey SMB Results2013 State of Cloud Survey SMB Results
2013 State of Cloud Survey SMB ResultsSymantec
 
Breaking through the Clouds
Breaking through the CloudsBreaking through the Clouds
Breaking through the CloudsAndy Piper
 
2013 Future of Cloud Computing - 3rd Annual Survey Results
2013 Future of Cloud Computing - 3rd Annual Survey Results2013 Future of Cloud Computing - 3rd Annual Survey Results
2013 Future of Cloud Computing - 3rd Annual Survey ResultsMichael Skok
 
Intro to cloud computing — MegaCOMM 2013, Jerusalem
Intro to cloud computing — MegaCOMM 2013, JerusalemIntro to cloud computing — MegaCOMM 2013, Jerusalem
Intro to cloud computing — MegaCOMM 2013, JerusalemReuven Lerner
 
Can we hack open source #cloud platforms to help reduce emissions?
Can we hack open source #cloud platforms to help reduce emissions?Can we hack open source #cloud platforms to help reduce emissions?
Can we hack open source #cloud platforms to help reduce emissions?Tom Raftery
 
Summer School Scale Cloud Across the Enterprise
Summer School   Scale Cloud Across the EnterpriseSummer School   Scale Cloud Across the Enterprise
Summer School Scale Cloud Across the EnterpriseWSO2
 
Simplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBsSimplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBsSun Digital, Inc.
 
Penetrating the Cloud: Opportunities & Challenges for Businesses
Penetrating the Cloud: Opportunities & Challenges for BusinessesPenetrating the Cloud: Opportunities & Challenges for Businesses
Penetrating the Cloud: Opportunities & Challenges for BusinessesCompTIA
 

En vedette (20)

Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computing
 
Cloud computing security - Insights
Cloud computing security - InsightsCloud computing security - Insights
Cloud computing security - Insights
 
Cloud computing & Security presentation
Cloud computing & Security presentationCloud computing & Security presentation
Cloud computing & Security presentation
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Cloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksCloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and Risks
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing security
 
Cloud Computing & Security Concerns
Cloud Computing & Security ConcernsCloud Computing & Security Concerns
Cloud Computing & Security Concerns
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
 
Cloud Computing Security Issues
Cloud Computing Security Issues Cloud Computing Security Issues
Cloud Computing Security Issues
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
2013 State of Cloud Survey SMB Results
2013 State of Cloud Survey SMB Results2013 State of Cloud Survey SMB Results
2013 State of Cloud Survey SMB Results
 
Breaking through the Clouds
Breaking through the CloudsBreaking through the Clouds
Breaking through the Clouds
 
2013 Future of Cloud Computing - 3rd Annual Survey Results
2013 Future of Cloud Computing - 3rd Annual Survey Results2013 Future of Cloud Computing - 3rd Annual Survey Results
2013 Future of Cloud Computing - 3rd Annual Survey Results
 
Intro to cloud computing — MegaCOMM 2013, Jerusalem
Intro to cloud computing — MegaCOMM 2013, JerusalemIntro to cloud computing — MegaCOMM 2013, Jerusalem
Intro to cloud computing — MegaCOMM 2013, Jerusalem
 
Can we hack open source #cloud platforms to help reduce emissions?
Can we hack open source #cloud platforms to help reduce emissions?Can we hack open source #cloud platforms to help reduce emissions?
Can we hack open source #cloud platforms to help reduce emissions?
 
Summer School Scale Cloud Across the Enterprise
Summer School   Scale Cloud Across the EnterpriseSummer School   Scale Cloud Across the Enterprise
Summer School Scale Cloud Across the Enterprise
 
Simplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBsSimplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBs
 
Penetrating the Cloud: Opportunities & Challenges for Businesses
Penetrating the Cloud: Opportunities & Challenges for BusinessesPenetrating the Cloud: Opportunities & Challenges for Businesses
Penetrating the Cloud: Opportunities & Challenges for Businesses
 

Similaire à Cloud computing security

Introduction to Cloud Computing (New)
Introduction to Cloud Computing (New)Introduction to Cloud Computing (New)
Introduction to Cloud Computing (New)Chathuranga Bandara
 
Confidential Computing overview
Confidential Computing overviewConfidential Computing overview
Confidential Computing overviewMark Argent
 
Cloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdfCloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdfInfosec Train
 
Cloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdfCloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdfinfosec train
 
Building a Hyper Secure VPC on AWS with Puppet
Building a Hyper Secure VPC on AWS with PuppetBuilding a Hyper Secure VPC on AWS with Puppet
Building a Hyper Secure VPC on AWS with PuppetTim Nolet
 
Building a Hyper-Secure VPC on AWS with Puppet - PuppetConf 2013
Building a Hyper-Secure VPC on AWS with Puppet - PuppetConf 2013Building a Hyper-Secure VPC on AWS with Puppet - PuppetConf 2013
Building a Hyper-Secure VPC on AWS with Puppet - PuppetConf 2013Puppet
 
cloud security unit 2 notes (ppt) UNIT 2 PPT.pptx
cloud security unit 2 notes (ppt) UNIT 2 PPT.pptxcloud security unit 2 notes (ppt) UNIT 2 PPT.pptx
cloud security unit 2 notes (ppt) UNIT 2 PPT.pptxPriyadharshiniMuruge10
 
XcellBackup - Cloud Data Protection Services - Powered by Acronis Backup Cloud
XcellBackup -  Cloud Data Protection Services - Powered by Acronis Backup CloudXcellBackup -  Cloud Data Protection Services - Powered by Acronis Backup Cloud
XcellBackup - Cloud Data Protection Services - Powered by Acronis Backup CloudSamir Jhaveri
 
Security policy enforcement in cloud infrastructure
Security policy enforcement in cloud infrastructureSecurity policy enforcement in cloud infrastructure
Security policy enforcement in cloud infrastructurecsandit
 
SECURITY POLICY ENFORCEMENT IN CLOUD INFRASTRUCTURE
SECURITY POLICY ENFORCEMENT IN CLOUD INFRASTRUCTURESECURITY POLICY ENFORCEMENT IN CLOUD INFRASTRUCTURE
SECURITY POLICY ENFORCEMENT IN CLOUD INFRASTRUCTUREcscpconf
 
Shifting security to the left with kubernetes, azure, and istio
Shifting security to the left with kubernetes, azure, and istioShifting security to the left with kubernetes, azure, and istio
Shifting security to the left with kubernetes, azure, and istioChristian Melendez
 
Security Threat Solution over Single Cloud To Multi-Cloud Using DepSky Model
Security Threat Solution over Single Cloud To Multi-Cloud Using DepSky ModelSecurity Threat Solution over Single Cloud To Multi-Cloud Using DepSky Model
Security Threat Solution over Single Cloud To Multi-Cloud Using DepSky ModelIOSR Journals
 
stackArmor - Security MicroSummit - McAfee
stackArmor - Security MicroSummit - McAfeestackArmor - Security MicroSummit - McAfee
stackArmor - Security MicroSummit - McAfeeGaurav "GP" Pal
 
What is needed in the next generation cloud trusted platform ?
What is needed in the next generation cloud trusted platform ?What is needed in the next generation cloud trusted platform ?
What is needed in the next generation cloud trusted platform ?Priyanka Aash
 
Armo webinar rethinking your cloud security in the shadow of the solar winds ...
Armo webinar rethinking your cloud security in the shadow of the solar winds ...Armo webinar rethinking your cloud security in the shadow of the solar winds ...
Armo webinar rethinking your cloud security in the shadow of the solar winds ...LibbySchulze
 

Similaire à Cloud computing security (20)

Introduction to Cloud Computing (New)
Introduction to Cloud Computing (New)Introduction to Cloud Computing (New)
Introduction to Cloud Computing (New)
 
A safety design of
A safety design ofA safety design of
A safety design of
 
Confidential Computing overview
Confidential Computing overviewConfidential Computing overview
Confidential Computing overview
 
Cloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdfCloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdf
 
Cloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdfCloud Security Engineer Interview Questions.pdf
Cloud Security Engineer Interview Questions.pdf
 
Building a Hyper Secure VPC on AWS with Puppet
Building a Hyper Secure VPC on AWS with PuppetBuilding a Hyper Secure VPC on AWS with Puppet
Building a Hyper Secure VPC on AWS with Puppet
 
Building a Hyper-Secure VPC on AWS with Puppet - PuppetConf 2013
Building a Hyper-Secure VPC on AWS with Puppet - PuppetConf 2013Building a Hyper-Secure VPC on AWS with Puppet - PuppetConf 2013
Building a Hyper-Secure VPC on AWS with Puppet - PuppetConf 2013
 
cloud security unit 2 notes (ppt) UNIT 2 PPT.pptx
cloud security unit 2 notes (ppt) UNIT 2 PPT.pptxcloud security unit 2 notes (ppt) UNIT 2 PPT.pptx
cloud security unit 2 notes (ppt) UNIT 2 PPT.pptx
 
XcellBackup - Cloud Data Protection Services - Powered by Acronis Backup Cloud
XcellBackup -  Cloud Data Protection Services - Powered by Acronis Backup CloudXcellBackup -  Cloud Data Protection Services - Powered by Acronis Backup Cloud
XcellBackup - Cloud Data Protection Services - Powered by Acronis Backup Cloud
 
Security policy enforcement in cloud infrastructure
Security policy enforcement in cloud infrastructureSecurity policy enforcement in cloud infrastructure
Security policy enforcement in cloud infrastructure
 
SECURITY POLICY ENFORCEMENT IN CLOUD INFRASTRUCTURE
SECURITY POLICY ENFORCEMENT IN CLOUD INFRASTRUCTURESECURITY POLICY ENFORCEMENT IN CLOUD INFRASTRUCTURE
SECURITY POLICY ENFORCEMENT IN CLOUD INFRASTRUCTURE
 
Cloud computing final show
Cloud computing final   showCloud computing final   show
Cloud computing final show
 
Shifting security to the left with kubernetes, azure, and istio
Shifting security to the left with kubernetes, azure, and istioShifting security to the left with kubernetes, azure, and istio
Shifting security to the left with kubernetes, azure, and istio
 
Security Threat Solution over Single Cloud To Multi-Cloud Using DepSky Model
Security Threat Solution over Single Cloud To Multi-Cloud Using DepSky ModelSecurity Threat Solution over Single Cloud To Multi-Cloud Using DepSky Model
Security Threat Solution over Single Cloud To Multi-Cloud Using DepSky Model
 
Encryption in the Cloud
Encryption in the CloudEncryption in the Cloud
Encryption in the Cloud
 
Understanding Cloud Computing
Understanding Cloud ComputingUnderstanding Cloud Computing
Understanding Cloud Computing
 
cloud-computing-security.ppt
cloud-computing-security.pptcloud-computing-security.ppt
cloud-computing-security.ppt
 
stackArmor - Security MicroSummit - McAfee
stackArmor - Security MicroSummit - McAfeestackArmor - Security MicroSummit - McAfee
stackArmor - Security MicroSummit - McAfee
 
What is needed in the next generation cloud trusted platform ?
What is needed in the next generation cloud trusted platform ?What is needed in the next generation cloud trusted platform ?
What is needed in the next generation cloud trusted platform ?
 
Armo webinar rethinking your cloud security in the shadow of the solar winds ...
Armo webinar rethinking your cloud security in the shadow of the solar winds ...Armo webinar rethinking your cloud security in the shadow of the solar winds ...
Armo webinar rethinking your cloud security in the shadow of the solar winds ...
 

Plus de Antonio Sanz Alcober

Ciberamenazas - ¿A qué nos enfrentamos?
Ciberamenazas - ¿A qué nos enfrentamos?Ciberamenazas - ¿A qué nos enfrentamos?
Ciberamenazas - ¿A qué nos enfrentamos?Antonio Sanz Alcober
 
China y el ciberespionaje: Sun Tzu, APT1 y los tiempos interesantes.
China y el ciberespionaje: Sun Tzu, APT1 y los tiempos interesantes.China y el ciberespionaje: Sun Tzu, APT1 y los tiempos interesantes.
China y el ciberespionaje: Sun Tzu, APT1 y los tiempos interesantes.Antonio Sanz Alcober
 
Computer Forensics: You can run but you can't hide
Computer Forensics: You can run but you can't hideComputer Forensics: You can run but you can't hide
Computer Forensics: You can run but you can't hideAntonio Sanz Alcober
 
SEA - Syrian Electronic Army - Cyberterrorism
SEA - Syrian Electronic Army - CyberterrorismSEA - Syrian Electronic Army - Cyberterrorism
SEA - Syrian Electronic Army - CyberterrorismAntonio Sanz Alcober
 
Sex lies and queues: Confessions of an HPC sysadmin
Sex lies and queues: Confessions of an HPC sysadminSex lies and queues: Confessions of an HPC sysadmin
Sex lies and queues: Confessions of an HPC sysadminAntonio Sanz Alcober
 
Apple compra Microsoft : Respuesta ante incidentes de seguridad en redes soci...
Apple compra Microsoft : Respuesta ante incidentes de seguridad en redes soci...Apple compra Microsoft : Respuesta ante incidentes de seguridad en redes soci...
Apple compra Microsoft : Respuesta ante incidentes de seguridad en redes soci...Antonio Sanz Alcober
 
Harry el Sucio te enseña Seguridad en Wordpress
Harry el Sucio te enseña Seguridad en WordpressHarry el Sucio te enseña Seguridad en Wordpress
Harry el Sucio te enseña Seguridad en WordpressAntonio Sanz Alcober
 
Sex, lies and magnetic tapes: Confessions of a sysadmin
Sex, lies and magnetic tapes: Confessions of a sysadminSex, lies and magnetic tapes: Confessions of a sysadmin
Sex, lies and magnetic tapes: Confessions of a sysadminAntonio Sanz Alcober
 
Cibercrimen qué hace tu dinero cuando no lo miras
Cibercrimen   qué hace tu dinero cuando no lo mirasCibercrimen   qué hace tu dinero cuando no lo miras
Cibercrimen qué hace tu dinero cuando no lo mirasAntonio Sanz Alcober
 
Administracion electronica: Tecnologías al servicio del ciudadano
Administracion electronica: Tecnologías al servicio del ciudadanoAdministracion electronica: Tecnologías al servicio del ciudadano
Administracion electronica: Tecnologías al servicio del ciudadanoAntonio Sanz Alcober
 
Solving Big problems with Condor - II HPC Sysadmins Meeting
Solving Big problems with Condor - II HPC Sysadmins MeetingSolving Big problems with Condor - II HPC Sysadmins Meeting
Solving Big problems with Condor - II HPC Sysadmins MeetingAntonio Sanz Alcober
 
Supercomputación: Haciendo HOY la ciencia del mañana
Supercomputación: Haciendo HOY la ciencia del mañanaSupercomputación: Haciendo HOY la ciencia del mañana
Supercomputación: Haciendo HOY la ciencia del mañanaAntonio Sanz Alcober
 
Análisis de la capacidad científica, tecnológica e innovadora de la república...
Análisis de la capacidad científica, tecnológica e innovadora de la república...Análisis de la capacidad científica, tecnológica e innovadora de la república...
Análisis de la capacidad científica, tecnológica e innovadora de la república...Antonio Sanz Alcober
 
Por qué un Pecha Kucha es mejor que un Iphone (y casi tanto como el chocolate)
Por qué un Pecha Kucha es mejor  que un Iphone (y casi tanto como el chocolate)Por qué un Pecha Kucha es mejor  que un Iphone (y casi tanto como el chocolate)
Por qué un Pecha Kucha es mejor que un Iphone (y casi tanto como el chocolate)Antonio Sanz Alcober
 
Capacidades de China para la ciberguerra
Capacidades de China para la ciberguerraCapacidades de China para la ciberguerra
Capacidades de China para la ciberguerraAntonio Sanz Alcober
 

Plus de Antonio Sanz Alcober (20)

Ciberamenazas - ¿A qué nos enfrentamos?
Ciberamenazas - ¿A qué nos enfrentamos?Ciberamenazas - ¿A qué nos enfrentamos?
Ciberamenazas - ¿A qué nos enfrentamos?
 
Zen y el arte de pescar APT
Zen y el arte de pescar APTZen y el arte de pescar APT
Zen y el arte de pescar APT
 
China y el ciberespionaje: Sun Tzu, APT1 y los tiempos interesantes.
China y el ciberespionaje: Sun Tzu, APT1 y los tiempos interesantes.China y el ciberespionaje: Sun Tzu, APT1 y los tiempos interesantes.
China y el ciberespionaje: Sun Tzu, APT1 y los tiempos interesantes.
 
Cyberthreats: Are we screwed ?
Cyberthreats: Are we screwed ?Cyberthreats: Are we screwed ?
Cyberthreats: Are we screwed ?
 
Computer Forensics: You can run but you can't hide
Computer Forensics: You can run but you can't hideComputer Forensics: You can run but you can't hide
Computer Forensics: You can run but you can't hide
 
SEA - Syrian Electronic Army - Cyberterrorism
SEA - Syrian Electronic Army - CyberterrorismSEA - Syrian Electronic Army - Cyberterrorism
SEA - Syrian Electronic Army - Cyberterrorism
 
Sex lies and queues: Confessions of an HPC sysadmin
Sex lies and queues: Confessions of an HPC sysadminSex lies and queues: Confessions of an HPC sysadmin
Sex lies and queues: Confessions of an HPC sysadmin
 
Cómo comprar seguro en internet
Cómo comprar seguro en internetCómo comprar seguro en internet
Cómo comprar seguro en internet
 
Apple compra Microsoft : Respuesta ante incidentes de seguridad en redes soci...
Apple compra Microsoft : Respuesta ante incidentes de seguridad en redes soci...Apple compra Microsoft : Respuesta ante incidentes de seguridad en redes soci...
Apple compra Microsoft : Respuesta ante incidentes de seguridad en redes soci...
 
Harry el Sucio te enseña Seguridad en Wordpress
Harry el Sucio te enseña Seguridad en WordpressHarry el Sucio te enseña Seguridad en Wordpress
Harry el Sucio te enseña Seguridad en Wordpress
 
Sex, lies and magnetic tapes: Confessions of a sysadmin
Sex, lies and magnetic tapes: Confessions of a sysadminSex, lies and magnetic tapes: Confessions of a sysadmin
Sex, lies and magnetic tapes: Confessions of a sysadmin
 
Cibercrimen qué hace tu dinero cuando no lo miras
Cibercrimen   qué hace tu dinero cuando no lo mirasCibercrimen   qué hace tu dinero cuando no lo miras
Cibercrimen qué hace tu dinero cuando no lo miras
 
Administracion electronica: Tecnologías al servicio del ciudadano
Administracion electronica: Tecnologías al servicio del ciudadanoAdministracion electronica: Tecnologías al servicio del ciudadano
Administracion electronica: Tecnologías al servicio del ciudadano
 
Solving Big problems with Condor - II HPC Sysadmins Meeting
Solving Big problems with Condor - II HPC Sysadmins MeetingSolving Big problems with Condor - II HPC Sysadmins Meeting
Solving Big problems with Condor - II HPC Sysadmins Meeting
 
Supercomputación: Haciendo HOY la ciencia del mañana
Supercomputación: Haciendo HOY la ciencia del mañanaSupercomputación: Haciendo HOY la ciencia del mañana
Supercomputación: Haciendo HOY la ciencia del mañana
 
Historia de la inteligencia china
Historia de la inteligencia chinaHistoria de la inteligencia china
Historia de la inteligencia china
 
Análisis de la capacidad científica, tecnológica e innovadora de la república...
Análisis de la capacidad científica, tecnológica e innovadora de la república...Análisis de la capacidad científica, tecnológica e innovadora de la república...
Análisis de la capacidad científica, tecnológica e innovadora de la república...
 
Por qué un Pecha Kucha es mejor que un Iphone (y casi tanto como el chocolate)
Por qué un Pecha Kucha es mejor  que un Iphone (y casi tanto como el chocolate)Por qué un Pecha Kucha es mejor  que un Iphone (y casi tanto como el chocolate)
Por qué un Pecha Kucha es mejor que un Iphone (y casi tanto como el chocolate)
 
Seguridad en redes sociales
Seguridad en redes socialesSeguridad en redes sociales
Seguridad en redes sociales
 
Capacidades de China para la ciberguerra
Capacidades de China para la ciberguerraCapacidades de China para la ciberguerra
Capacidades de China para la ciberguerra
 

Dernier

Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 

Dernier (20)

Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
20150722 - AGV
20150722 - AGV20150722 - AGV
20150722 - AGV
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 

Cloud computing security

  • 1. Cloud Computing & Security: Are there clouds in our sky ?
  • 2. > Antonio Sanz > I3A - IT Manager > Security Expert > http://i3a.unizar.es > ansanz@unizar.es > @antoniosanzalc
  • 4. Index 4 > Cloud Computing > Opportunities > Cloud Computing risks > Migrating to a Cloud Infraestructure Tema 1: Diseño de software seguro Cloud Computing Security
  • 5. “Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” [*First & last boring slide. Promise]
  • 6. Cloud Computing: Main point 6 >On demand >Ubiquous >Resource pool >Elastic >Measureable Tema 1: Diseño de software seguro Cloud Computing Security
  • 8. IaaS – Infrastructure as a Service 8 > Raw infrastructure > Storage, network & servers > We do the rest > Flexible but costly > Ej: Amazon AWS Tema 1: Diseño de software seguro Cloud Computing Security
  • 9. PaaS – Platform as a Service 9 > You’ve got the OS but no apps > IaaS + OS + Base services > App deploying ok (.jar) > Less control but less cost > Ej: Google App Engine Tema 1: Diseño de software seguro Cloud Computing Security
  • 10. SaaS – Software as a Service 10 > You’ve got everything > Iaas + Paas + Apps > Ready to go > Minimal control / Minimal effort > Ej: Salesforce.com (CRM) Tema 1: Diseño de software seguro Cloud Computing Security
  • 11. Public, Private Clouds 11 > Públic: Public access, shared resources, (-security, -cost) Ej: Amazon AWS > Private: Private access, dedicated resources (+security, +cost) Ej: NASA Nebula OpenStack Tema 1: Diseño de software seguro Cloud Computing Security
  • 12. Community , Hybrid 12 > Community: Group that shares a private cloud Ej: Business holding > Hybrid: Mix some of the others Tema 1: Diseño de software seguro Cloud Computing Security
  • 14. Technologies 14 > Virtualization > Shared storage > High speed networks > Multidevice access > Advanced Middleware (access, monitoring, provisioning) Tema 1: Diseño de software seguro Cloud Computing Security
  • 16. Cloud Computing Pros 16 > Elasticity / Scalability > Availability > Performance > Ubiquous access > Very low CAPEX > OPEX savings Tema 1: Diseño de software seguro Cloud Computing Security
  • 18. Amazon AWS - http://aws.amazon.com/ 18 > Amazon Web Services > EC2 (Elastic Cloud Computing) > S3 (Simple Storage Service) > You can do … almost everything > Others: Rackspace, vCloud, Azure, IBM (great, too) Tema 1: Diseño de software seguro Cloud Computing Security
  • 19. NetFlix - http://www.netflix.com/ 19 > Video streaming (Films, serials, shows) > Almost 20% of EEUU bandwidth > Uses Amazon AWS > Benefits: Escalability + Availability > Video transcoding “on the fly” with EC2 > Video storage in EC3 with S3 > Usage data analysis with EC2 Tema 1: Diseño de software seguro Cloud Computing Security
  • 20. Dropbox - http://www.dropbox.com/ 20 > Backup in the cloud > Around 12Pb (12.000 Tb) > Uses Amazon S3 > Benefit: Escalability > Business model (VIP): http://www.w2lessons.com/2011/04/econo mics-of-dropbox.html Tema 1: Diseño de software seguro Cloud Computing Security
  • 21. Technology Cloud Is Good!
  • 25. = To have you by the balls Vendor Lock-In
  • 27. Vendor lock-in 27 > It’s hard to say goodbye > SaaS : No “export” option > PaaS : API interoperability > IaaS : Different technologies > Defsense: Right CP (Cloud Provider) choice Tema 1: Diseño de software seguro Cloud Computing Security
  • 28. Lack of IT Governance
  • 29. Lack of IT Governance 29 > IT Governance != Cloud Computing Governance > Limited funcionalities / High costs > Loss of Control of our IT > Defense: Clear objectives & design, Right CP choice Tema 1: Diseño de software seguro Cloud Computing Security
  • 31. Compliance & Laws 31 > We need to comply with all the regulations (PCI DSS, LOPD) > Imposes transitive compliance on the CP > Legal lapses > Defense: Good analysis, right CP choice Tema 1: Diseño de software seguro Cloud Computing Security
  • 32. SLAs
  • 33. SLA (Service Level Agreements) 33 > Contract signed with CP > Services offered > Warranties offered > Service metrics & compensations/penalties > Defense: SLA study & tuning Tema 1: Diseño de software seguro Cloud Computing Security
  • 35. Provider failures 35 > “Errare machina est” > Starting security standards > CP Business Continuity plan > OUR Business Continuity plan > Defense: Business continuity definition, right CP choice Tema 1: Diseño de software seguro Cloud Computing Security
  • 37. Third party failures 37 > CP = Service & Technologies Integrator > But … what about electricity, connectivity, HVAC ? > We have to take care of our facilities too > Defense: Right CP choice, third party evaluation (CP and proper) Tema 1: Diseño de software seguro Cloud Computing Security
  • 40. Resource starvation 40 > Resources are assigned on demand > CP scales up … but how ? > Situation: No more resources available when they were most needed !! > Defense: Resource reservation, right CP choice Tema 1: Diseño de software seguro Cloud Computing Security
  • 42. Isolation Faults 42 > Cloud = Shared Resources = Shared flat > How secure is your neighbour ? > Third party security failure Everybody is compromised > Defense: Private Clouds, right CP choice Tema 1: Diseño de software seguro Cloud Computing Security
  • 44. Data leaks 44 > Lots of sensitive info in our CP > Disgruntled employees > Wrong service configuration > Defense: Right CP choice, cipher use, log reviews Tema 1: Diseño de software seguro Cloud Computing Security
  • 46. Data Transit 46 > Network Information flows > Local interception > On transit interception > In-Cloud Intercepcion > Defense: SSL, cipher use Tema 1: Diseño de software seguro Cloud Computing Security
  • 48. CP Compromise 48 > Cloud = Technology mesh = Lots of possible security flaws > Cloud interface management attacks > Cloud user management attacks > Infrastructure attacks > Defense: Right CP choice, SLAs, incident response planning Tema 1: Diseño de software seguro Cloud Computing Security
  • 49. DDOS
  • 50. DDOS / EDOS 50 > DDOS (Distributed Denial Of Service) > Intended to take down an infrastructure Attack to availability > Cloud Neighbour are collateral damage > EDOS (Economic Denial of Service) > Intended to cause economic damage > Defense: SLAs, charge limits, incident response Tema 1: Diseño de software seguro Cloud Computing Security
  • 52. Cipher 52 > Sensible info Cipher > Secure information deletion (wipe) > Defensas: Strong ciphers, guardar claves, SLA Tema 1: Diseño de software seguro Cloud Computing Security
  • 53. Backups 53 > Info is EVERYTHING Backups > Don’t forget your backups (even if the CP does … you too) > Automated procedure > Defensa: Procedure design, right CP choice Tema 1: Diseño de software seguro Cloud Computing Security
  • 54. Logs Access 54 > Logs = Activity of our IT > Needed to do debugging > Critic if a security incident arises > How can access my logs ? > Defense: SLA, right CP choice Tema 1: Diseño de software seguro Cloud Computing Security
  • 56. Disaster Recovery 56 > Shit happens (Murphy’s Law) > Earthquakes, fires, floods, alien invasions… > Our CP must have a Business Continuity plan > We must have ours !! > Defense: Business Continuity plan Tema 1: Diseño de software seguro Cloud Computing Security
  • 57. 57 Legal Risks Tema 1: Diseño de software seguro Cloud Computing Security
  • 58. Compliance & Laws 58 > Lots of laws & regulations > Is our CP compliant ? > National & International laws > Defense: Preliminary analysis, right CP choice Tema 1: Diseño de software seguro Cloud Computing Security
  • 59. Data protection 59 > LOPD (Ley Orgánica de Protección de Datos) > Cloud implies sometimes international data transfers Complicated issues > Safe Harbour Amazon, Google > Defense: Preliminary analysis, right CP choice Tema 1: Diseño de software seguro Cloud Computing Security
  • 60. Computer Forensic 60 > Security incident in our CP Someone has set up a child pornography site > Maybe anyone in our cloud !! > Possible result = Server seizure > Defense: Right CP choice, SLA, Business Continuity plan Tema 1: Diseño de software seguro Cloud Computing Security
  • 63. Identify Services 63 > Services that can benefit most from Cloud Computing > Main benefits: Scalability, Availability & Elasticity > Intermitent but heavy resource use services (Ej: Sports newspapers on mondays) Tema 1: Diseño de software seguro Cloud Computing Security
  • 64. Evaluate CC models 64 > IaaS, PaaS, SaaS ? > ¿Public, Private, Hybrid, Community? > See what others like us are doing > Decide which model fits our needs best Tema 1: Diseño de software seguro Cloud Computing Security
  • 65. Know
  • 66. Defining security needs 66 > Know our service throughly > Define the information flows > Identify sensitive info > Measure how critical the service is > Assign a value to the srevice Tema 1: Diseño de software seguro Cloud Computing Security
  • 67. Risk Analysis 67 > Know the existing risks when using cloud computing > Apply them to our service > Define a maximum risk level > Important!: Be utterly objective Tema 1: Diseño de software seguro Cloud Computing Security
  • 68. Plan
  • 69. Evaluate cloud providers 69 > Read carefully the SLA (Service Level Agreements) > Read it again > Evaluate security compliance > Added value services > Price ! Tema 1: Diseño de software seguro Cloud Computing Security
  • 70. Security controls 70 > Define security controls > Controls in the cloud & our IT > Technical & procedural control > Target: Lower our real risk Tema 1: Diseño de software seguro Cloud Computing Security
  • 72. Bean counting … 72 > Migration costs > Cloud operation costs > Current operation costs > Troubleshooting costs (both cloud & current) > Make money talk … Tema 1: Diseño de software seguro Cloud Computing Security
  • 73. Make a decision 73 > Evaluate pros & cons of our current IT model & cloud computing > It’s not all about money … > Informed decision taking > You always should have a plan B Tema 1: Diseño de software seguro Cloud Computing Security
  • 74. CC offers great opportunities CC has risks There has to be a plan
  • 75. Conclusiones 75 >Cloud computing is here >Lots of business models & opportunities >Must know all the risks >Must have a sensible business plan Tema 1: Diseño de software seguro Cloud Computing Security
  • 76. Conclusiones I love it when a cloud plan comes together
  • 77. Don’t be under a cloud !
  • 78. More info?. Press here ! 78 Cloud Security Alliance https://cloudsecurityalliance.org/ Cloud Computing Security Guide - CSA http://cloudsecurityalliance.org/guidance/csaguide.v2.1.pdf ENISA – Cloud Computing Security Risks http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing- risk-assessment Australia Gov. - Cloud Computing Risk Analysis Report http://www.dsd.gov.au/publications/Cloud_Computing_Security_Consid erations.pdf Tema 1: Diseño de software seguro Cloud Computing Security
  • 79. Have a plan and jump into the sky ! Antonio Sanz / ansanz@unizar.es / @antoniosanzalc $slides = http://www.slideshare.net/ansanz