Your SlideShare is downloading. ×
0
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
The Cloud Cube
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

The Cloud Cube

2,141

Published on

The current thinking around Cloud Forms in the Jericho Forum, it is evolving as we better grasp the challenge of Collaborating Securely in the Clouds.

The current thinking around Cloud Forms in the Jericho Forum, it is evolving as we better grasp the challenge of Collaborating Securely in the Clouds.

Published in: Technology
1 Comment
1 Like
Statistics
Notes
No Downloads
Views
Total Views
2,141
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
58
Comments
1
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. The Benefits of the Clouds or Avoiding The Cloud Trap! Adrius42 Recording some of the Jericho Forum thinking as it is Thunk!
  • 2. F I R S T C L A S S I F Y Y O U R D A T A !!! Determine what rules MUST apply to it. Must it only exist in specific trust levels? Then decide to which type of For example can it leave Europe? Does it have to stay in Safemove Cloud you want to Harbours? Must it stay in Europe? We need a universal data classification model that is simple (cf G8 TLP) We need a recognised trust level standard for all aspects of computing We need standardised meta data that signals to “cloud security” the data’s security needs
  • 3. Then decide do you want to move to the Clouds
  • 4. To Cloud or Not to Cloud? Traditional Clouds
  • 5. Then decide what data you want to allow in the Clouds
  • 6. With what degree of translucency
  • 7. For all Clouds are not equal... <<<< Same old Traditional Approach Massively Scalable Manual System Recovery Fully automated Tapes sent by Truck System Redundancy Data Backup and Fully automated Recovery variable risk Data Backup and Self owned Disk Storage Recovery Data Redundancy ...sometimes Fully automated Data Redundancy Warmish Back up Data Centre For Disaster Recovery Fully automated Significant switching impact Disaster Recovery And testing costs Full on Clouds this way >>>>>
  • 8. Then decide what level you want to operate in the Clouds
  • 9. Cloud Layers Outcome / Value Security and IdAM Ab s tr a c t Io n o cc u r s h er e! Last! Orchestration Process 3rd Software 2nd Platform 1st Infrastructure
  • 10. Then decide to which form of Cloud you want to move
  • 11. Cloud Forms External Internal
  • 12. Cloud Forms Proprietary Open
  • 13. Cloud Forms External Internal Proprietary Open
  • 14. Cloud Forms To get through here you need a Collaboration Oriented Architecture and the Jericho Forum Commandments Deperimeterised Perimeterised
  • 15. Cloud Forms External Deperimeterised Internal Perimeterised Proprietary Open
  • 16. Cloud Forms External Deperimeterised Internal Perimeterised Proprietary Open We need inter cloud “IPI” standards... especially those that enable Collaboration. IPI=“Information Programming Interface” There has to be a better name!!!
  • 17. Cloud Patterns External Deperimeterised Internal Perimeterised Proprietary Open Recognise some pathways between Clouds will be easier to enable than others!
  • 18. Cloud Patterns External Deperimeterised Internal Perimeterised Proprietary Open
  • 19. ...and ”then” ensure the controls you require are available in the Clouds... ...Oops!!! You mean “Cloud Security Central” doesn’t exist?
  • 20. Cloud Layers Outcome / Value Security and IdAM Ab s tr a c t Io n o cc u r s h er e! Last! Orchestration Process 3rd Software 2nd Platform 1st Infrastructure Cloud Maturity Scale
  • 21. We haven’t even identified all the needs yet. Bread Crumb Detector Bread Crumb Hoover Cloud Identity Services and their Providers What about Trust Levels?
  • 22. Proposed Individual Trust Levels Trust Intent Impact Trust Level Authentication Physical Level Label Activity World equiv T0 Stay None Anonymous None - Unidentified T1 Self Insignificant Self Asserted None Pseudonym Assertion* T2 Proof Minor Document Verified Authenticated: Proof of Abode of Identity Name, Address, Age Electricity Bill T3 T2+ Ability Major Legally/ Financially Authenticate Credit Credit Card to Commit Verified Worthiness and / Pay Payment Method 1Pay* Ability to Pay Varied Single use Authenticate Credit a single Financially Worthiness and Single Cash transaction Verified Use Payment Method T4 T2+ Material Government Government Passport Gov Id Verified T5 Protect Catastrophic Military Grade Positive Vetting Security Lives Clearance *1Pay: Can be appended to any Trust Level

×