The Cloud Cube

The Benefits of the Clouds or Avoiding The Cloud Trap! Adrius42 Recording some of the Jericho Forum thinking as it is Thunk!

F I R S T C L A S S I F Y Y O U R D A T A !!! Determine what rules MUST apply to it. Must it only exist in specific trust levels? Then decide to which type of For example can it leave Europe? Does it have to stay in Safemove Cloud you want to Harbours? Must it stay in Europe? We need a universal data classification model that is simple (cf G8 TLP) We need a recognised trust level standard for all aspects of computing We need standardised meta data that signals to “cloud security” the data’s security needs

Then decide do you want to move to the Clouds

To Cloud or Not to Cloud? Traditional Clouds

Then decide what data you want to allow in the Clouds

With what degree of translucency

For all Clouds are not equal... <<<< Same old Traditional Approach Massively Scalable Manual System Recovery Fully automated Tapes sent by Truck System Redundancy Data Backup and Fully automated Recovery variable risk Data Backup and Self owned Disk Storage Recovery Data Redundancy ...sometimes Fully automated Data Redundancy Warmish Back up Data Centre For Disaster Recovery Fully automated Significant switching impact Disaster Recovery And testing costs Full on Clouds this way >>>>>

Then decide what level you want to operate in the Clouds

Cloud Layers Outcome / Value Security and IdAM Ab s tr a c t Io n o cc u r s h er e! Last! Orchestration Process 3rd Software 2nd Platform 1st Infrastructure

Then decide to which form of Cloud you want to move

Cloud Forms External Internal

Cloud Forms Proprietary Open

Cloud Forms External Internal Proprietary Open

Cloud Forms To get through here you need a Collaboration Oriented Architecture and the Jericho Forum Commandments Deperimeterised Perimeterised

Cloud Forms External Deperimeterised Internal Perimeterised Proprietary Open

Cloud Forms External Deperimeterised Internal Perimeterised Proprietary Open We need inter cloud “IPI” standards... especially those that enable Collaboration. IPI=“Information Programming Interface” There has to be a better name!!!

Cloud Patterns External Deperimeterised Internal Perimeterised Proprietary Open Recognise some pathways between Clouds will be easier to enable than others!

Cloud Patterns External Deperimeterised Internal Perimeterised Proprietary Open

...and ”then” ensure the controls you require are available in the Clouds... ...Oops!!! You mean “Cloud Security Central” doesn’t exist?

Cloud Layers Outcome / Value Security and IdAM Ab s tr a c t Io n o cc u r s h er e! Last! Orchestration Process 3rd Software 2nd Platform 1st Infrastructure Cloud Maturity Scale

We haven’t even identified all the needs yet. Bread Crumb Detector Bread Crumb Hoover Cloud Identity Services and their Providers What about Trust Levels?

Proposed Individual Trust Levels Trust Intent Impact Trust Level Authentication Physical Level Label Activity World equiv T0 Stay None Anonymous None - Unidentified T1 Self Insignificant Self Asserted None Pseudonym Assertion* T2 Proof Minor Document Verified Authenticated: Proof of Abode of Identity Name, Address, Age Electricity Bill T3 T2+ Ability Major Legally/ Financially Authenticate Credit Credit Card to Commit Verified Worthiness and / Pay Payment Method 1Pay* Ability to Pay Varied Single use Authenticate Credit a single Financially Worthiness and Single Cash transaction Verified Use Payment Method T4 T2+ Material Government Government Passport Gov Id Verified T5 Protect Catastrophic Military Grade Positive Vetting Security Lives Clearance *1Pay: Can be appended to any Trust Level

The Cloud Cube

by Adrius42 on Mar 21, 2009

Accessibility

Categories

Tags

Upload Details

Usage Rights

1 Embed 1

Statistics

The Cloud Cube — Presentation Transcript