Cloud security
Upcoming SlideShare
Loading in...5
×
 

Cloud security

on

  • 6,174 views

Security Lab at The Alexandra Institute focuses on developing solutions and concepts that enable secure utilisation of current and future IT and internet-based solutions. We focus on four leading ...

Security Lab at The Alexandra Institute focuses on developing solutions and concepts that enable secure utilisation of current and future IT and internet-based solutions. We focus on four leading technological trends:

Pervasive Computing
Cloud Computing
Mutual Computing
Privacy

Contact either Head of Research & Innovation
Security lab - jakob.i.pagter@alexandra.dk

Statistics

Views

Total Views
6,174
Slideshare-icon Views on SlideShare
1,606
Embed Views
4,568

Actions

Likes
3
Downloads
106
Comments
0

7 Embeds 4,568

http://alexandra.dk 3131
http://ny.alexandra.dk 1060
http://www.alexandra.dk 348
http://edit.alexandra.dk 23
http://web.alexandra.dk 4
http://thepcsecurity.com 1
http://www.serviceplatform.dk 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Generally, SaaS provides the most integrated functionality built directly into the offering, with the least consumer extensibility, and a relatively high level of integrated security (at least the provider bears a responsibility for security).PaaS is intended to enable developers to build their own applications on top of the platform. As a result it tends to be more extensible than SaaS, at the expense of customerready features. This tradeoff extends to security features and capabilities, where the built-in capabilities are less complete, but there is more flexibility to layer on additional security.IaaS provides few if any application-like features, but enormous extensibility. This generally means less integrated security capabilities and functionality beyond protecting the infrastructure itself. This model requires that operating systems, applications, and content be managed and secured by the cloud consumer.

Cloud security Cloud security Presentation Transcript

  • Alexandra Instituttet
    Cloud computing Security
    6/5/2011
  • Alexandra Institute
    Cloud computingSecurity
  • What Is Cloud Computing?
  • Cloud Benefits
  • B2B Scenario
  • B2B2C Scenario (Business to Business to Customer)
  • Innovation In Assembly Scenario
  • Cloud Computing Evolution
  • Cloud Service Models
    http://www.katescomment.com/iaas-paas-saas-definition/
  • Multi-Tenancy
  • Alexandra Institute
    Cloud computing
    Security
  • 14 Specific Cloud Computing Security Challenges*
    Migrating PII & sensitive data to the cloud
    • EU Data Protection Directive & U.S. Safe Harbor program
    • Exposure of data to foreign government & data
    • Subpoenas
    • Data retention & records management issues
    • Privacy Impact Assessments (PIA)
    Identity & Access Management
    Multi-tenancy
    Logging & Monitoring
    Data ownership /custodianship
    Quality of Service guarantees
    Securing hypervisors (Blue Pill)
    *Cloud Computing An insight in the Governance & Security aspectsMarc Vael
  • 14 Specific Cloud Computing Security Challenges*
    Attracting hackers (high value target)
    Security of virtual OS in the cloud
    BCP / DRP
    Data encryption & key management
    • Encrypting access to cloud resource control interface
    • Encrypting administrative access to OS instances
    • Encrypting access to applications
    • Encrypting application data at rest
    Public cloud vs. Internal cloud security
    Lack of public SaaS version control
    14.Using SLAs to obtain cloud security
    • Suggested requirements for cloud SLAs
    • Issues with cloud forensics & e-discovery
    *Cloud Computing An insight in the Governance & Security aspectsMarc Vael
  • Domain 2 Governance and Enterprise Risk Management
    Domain3
    Legal and Electronic Discovery
    Domain 7
    Traditional Security, Business Continuity, and Disaster Recovery
    Domain 12 Identity and Access Management
    Domain 11 Encryption and Key Management
    Domain 5 Information Lifecycle Management
    Domain 13 Virtualization
    Domain 11 Encryption and Key Management
    Domain 9Incident Response, Notification, and Remediation
    Domain 7
    Traditional Security, Business Continuity, and Disaster Recovery
    Domain 12
    Identity and Access Management
    Domain 6 Portability and Interoperability
    Domain 10
    Application Security
    How Security Gets Integrated
    Domain 2 Governance and Enterprise Risk Management
    Domain 6 Portability and Interoperability
    Domain 4 Compliance and Audit
    Domain 6 Portability and Interoperability
    Domain 8 Data Center Operations
  • For more information go to Alexandra.dk/CCSK