Sembrando confianza en el CLOUDOscar LópezÁrea I+D+iXV Jornadas de Seguridad NEXTEL S.A.27/06/2013
SEED4C. Sembrando confianza en el CLOUDServicios en CLOUDIaaS PaaS SaaSCloud providerCloud customer¿Seguridad TI y ahorro ...
SEED4C. Sembrando confianza en el CLOUD• Coordinación del proyecto: Alcatel-Lucent Bell Labs• Inicio: Abril 2012• Cierre: ...
SEED4C. Sembrando confianza en el CLOUD• How to increase the Trust in Cloud Services ?Up to80%of problems may besolved wit...
SEED4C. Sembrando confianza en el CLOUD• Can we “plant” SEEDs in the Cloudto increase trust ?Building aTrusted Cloud Compu...
SEED4C. Sembrando confianza en el CLOUD• Security Embedded Element and DataPrivacy for Cloud infraestructuresIntroduction ...
SEED4C. Sembrando confianza en el CLOUD• SEED4C. Concept
SEED4C. Sembrando confianza en el CLOUD• SEED4C. Concept
SEED4C. Sembrando confianza en el CLOUD• SEED4C. Concept
SEED4C. Sembrando confianza en el CLOUD• Deliver Trusted Services in a multi-nodesTrusted Cloud Execution Enviroment10Poli...
SEED4C. Sembrando confianza en el CLOUDSECURITY PLANE / NoSEUSER’SDEVICEEND to END TRUSTED SERVICESEND to END TRUSTED SERV...
SEED4C. Sembrando confianza en el CLOUDInfraProviderSaaSProviderUser /TenantPaaSProviderDeviceProvider• In a multi-party p...
SEED4C. Sembrando confianza en el CLOUD• And provide compliance and evidence• Logs and audit features enforced bythe NoSE•...
SEED4C. Sembrando confianza en el CLOUD• Cómo distribuir los elementos seguros dentro deuna infraestructura para que propo...
SEED4C. Sembrando confianza en el CLOUD• Retos de investigación
SEED4C. Sembrando confianza en el CLOUD• SEEDs planting: Granularity– Network, hypervisors, servers, storage, devices– Str...
SEED4C. Sembrando confianza en el CLOUD• Mapeo de los casos de usoNetaaSPaaSIaaSSaaSNoSEClientAccessDevice1: BYOD /protect...
SEED4C. Sembrando confianza en el CLOUD• eGoverment services data protection
SEED4C. Sembrando confianza en el CLOUD• eGoverment services data protection
SEED4C. Sembrando confianza en el CLOUDBefore SEED4C After SEED4C•Security solutions based onindependent, proprietary andi...
SEED4C. Sembrando confianza en el CLOUD• Centralized cloud services for airportmanagement
SEED4C. Sembrando confianza en el CLOUDBefore SEED4C After SEED4C•Security solutions based onindependent, proprietary andi...
SEED4C. Sembrando confianza en el CLOUD• Propiedades de seguridad
SEED4C. Sembrando confianza en el CLOUD
¡Muchas Gracias!XV Jornadas de Seguridad NEXTEL S.A.27/06/2013Oscar LópezArea I+D+i¡Síguenos enRedes Sociales!
Upcoming SlideShare
Loading in …5
×

Seguridad: sembrando confianza en el cloud

725 views

Published on

Presentación de Oscar Lopez, de Nextel S.A., durante la XV Jornada de Seguridad TI de Nextel S.A. en la Alhóndiga de Bilbao el jueves 27 de junio de 2013.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
725
On SlideShare
0
From Embeds
0
Number of Embeds
67
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Seguridad TI y ahorro de costes es posible?
  • Seguridad TI y ahorro de costes es posible?
  • Seguridad: sembrando confianza en el cloud

    1. 1. Sembrando confianza en el CLOUDOscar LópezÁrea I+D+iXV Jornadas de Seguridad NEXTEL S.A.27/06/2013
    2. 2. SEED4C. Sembrando confianza en el CLOUDServicios en CLOUDIaaS PaaS SaaSCloud providerCloud customer¿Seguridad TI y ahorro de costes es posible?
    3. 3. SEED4C. Sembrando confianza en el CLOUD• Coordinación del proyecto: Alcatel-Lucent Bell Labs• Inicio: Abril 2012• Cierre: Septiembre 2014• Duración: 30 meses• 4 países: Finlandia, Francia, Corea y España
    4. 4. SEED4C. Sembrando confianza en el CLOUD• How to increase the Trust in Cloud Services ?Up to80%of problems may besolved with a protectedexecution & a properpolicy enforcement.
    5. 5. SEED4C. Sembrando confianza en el CLOUD• Can we “plant” SEEDs in the Cloudto increase trust ?Building aTrusted Cloud Computing BaseTCCBBased onA Cloud of minimal Trusted Computing Bases:the SEEDs managed by the NoSE
    6. 6. SEED4C. Sembrando confianza en el CLOUD• Security Embedded Element and DataPrivacy for Cloud infraestructuresIntroduction of NoSE. Network of Secure elements
    7. 7. SEED4C. Sembrando confianza en el CLOUD• SEED4C. Concept
    8. 8. SEED4C. Sembrando confianza en el CLOUD• SEED4C. Concept
    9. 9. SEED4C. Sembrando confianza en el CLOUD• SEED4C. Concept
    10. 10. SEED4C. Sembrando confianza en el CLOUD• Deliver Trusted Services in a multi-nodesTrusted Cloud Execution Enviroment10PolicyExecutionTrust &Assurance• Network• Servers• more…TrustedExecutionTrust &Assurance
    11. 11. SEED4C. Sembrando confianza en el CLOUDSECURITY PLANE / NoSEUSER’SDEVICEEND to END TRUSTED SERVICESEND to END TRUSTED SERVICESUser’s SEED enrolled in NoSETrust &Assurance• And deliver End to End security to users
    12. 12. SEED4C. Sembrando confianza en el CLOUDInfraProviderSaaSProviderUser /TenantPaaSProviderDeviceProvider• In a multi-party policy driven architecture
    13. 13. SEED4C. Sembrando confianza en el CLOUD• And provide compliance and evidence• Logs and audit features enforced bythe NoSE• Change Management of the TrustedArchitecture tracked down thanks tothe NoSE and central management• Change workflow may be enforcedtoo by trusted actors
    14. 14. SEED4C. Sembrando confianza en el CLOUD• Cómo distribuir los elementos seguros dentro deuna infraestructura para que proporcionen valorañadido a la plataforma y los servicios.• Cómo conseguir un balance de carga ycomunicación seguros entre y desde loselementos seguros (SE) a las máquinasintegradas.• Cómo abordar la ejecución de políticas(centradas en la Identidad y Privacidad),trazabilidad y garantía de los servicios finales.• Retos de investigación
    15. 15. SEED4C. Sembrando confianza en el CLOUD• Retos de investigación
    16. 16. SEED4C. Sembrando confianza en el CLOUD• SEEDs planting: Granularity– Network, hypervisors, servers, storage, devices– Strategic places IaaS, PaaS, SaaS• Multiple form factors required to match physical constraints– Secure Embedded Elements, TPM, Software in a TEE,Dedicated VM, OS Component• Network of Secure Elements (NoSE)– Communication protocols across SEEDs• Scalability of the architecture• Enrollment & Lifecycle of equipment, VMs, SEEDs in theNoSE– Enroll equipment, attach them to SEEDs• Credential management• Valor añadido
    17. 17. SEED4C. Sembrando confianza en el CLOUD• Mapeo de los casos de usoNetaaSPaaSIaaSSaaSNoSEClientAccessDevice1: BYOD /protectionof corp data2: Airport equipment Mgt.3: HSM+KeyCeremony4: EnterpriseCollaboration5:ePayment,PCI/DSS6: IAMAuth +Auditing7: Security atIaaS Level8: Monitoring Security atPaaS Layer9: Admin Access & Auditmanagement/logs10: Telco Services inthe cloud, multitenancy protection11: eGov.Services,Dataprotection12: SVPDC, VirtualData Centermanagement
    18. 18. SEED4C. Sembrando confianza en el CLOUD• eGoverment services data protection
    19. 19. SEED4C. Sembrando confianza en el CLOUD• eGoverment services data protection
    20. 20. SEED4C. Sembrando confianza en el CLOUDBefore SEED4C After SEED4C•Security solutions based onindependent, proprietary andindependent elements to secure data inthe cloud•Enhanced security related functionalityto control, access and store protecteddata in the cloud•Adopt the seeds developed for the e-Government service to manage andstore this protected data in their owninfrastructure•Add more layers of security using anetwork of secure elements: Compliance,Traceability and Auditability.• eGoverment services data protection
    21. 21. SEED4C. Sembrando confianza en el CLOUD• Centralized cloud services for airportmanagement
    22. 22. SEED4C. Sembrando confianza en el CLOUDBefore SEED4C After SEED4C•Security solutions based onindependent, proprietary andindependent elements to secure data inthe cloud•Enhanced security relatedfunctionalities•Add more layers of security using anetwork of secure elements•Provide a NoSE interconnectedgenerating a trusted network thatprovides a layer of security to theentire system: Compliance, Traceabilityand Auditability.• Centralized cloud services for airportmanagement
    23. 23. SEED4C. Sembrando confianza en el CLOUD• Propiedades de seguridad
    24. 24. SEED4C. Sembrando confianza en el CLOUD
    25. 25. ¡Muchas Gracias!XV Jornadas de Seguridad NEXTEL S.A.27/06/2013Oscar LópezArea I+D+i¡Síguenos enRedes Sociales!

    ×