Massonet Philippe Panel - Security in the clouds: An Academic Perspective

573 views
532 views

Published on

Massonet Philippe Panel - Security in the clouds: An Academic Perspective

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
573
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • FISMA= Federal Information Security Management Act
  • Massonet Philippe Panel - Security in the clouds: An Academic Perspective

    1. 1. Panel - Security in the clouds: An Academic Perspective Massonet Philippe Scientific Coordinator CETIC Research Center, Belgium 13-15 December 2010 ServiceWave 2010
    2. 2. <ul><li>Authors </li></ul><ul><li>Massonet Philippe, CETIC </li></ul>ICSOC-ServiceWave 2009 13-15 December 2010
    3. 3. Panel - Security in the clouds: An Academic Perspective 13-15 December 2010
    4. 4. Improvements in Cloud Security 13-15 December 2010 <ul><li>Cloud providers are offering several predefined levels of security to choose from </li></ul><ul><ul><li>E.g. Amazon Virtual Private Cloud : extend your IT with IPsec VPN connection to Amazon, Isolated resources and apply your security policies </li></ul></ul><ul><li>Cloud providers are improving trust with certification </li></ul><ul><ul><li>E.g. Google obtains FISMA certification and accreditation  Google Apps for goverment agencies </li></ul></ul><ul><ul><ul><li>Segregated community cloud for US goverment, Data stored in US only </li></ul></ul></ul><ul><ul><li>FISMA </li></ul></ul><ul><ul><ul><li>emphasizes “ risk-based policy for cost-effective security” </li></ul></ul></ul><ul><ul><ul><li>Categorize data/systems according to risk level </li></ul></ul></ul>
    5. 5. Top Challenges in Cloud Security 13-15 December 2010 <ul><li>Challenges: </li></ul><ul><ul><li>Loss of governance </li></ul></ul><ul><ul><li>Compliance challenges </li></ul></ul><ul><ul><li>Risk from changes of jurisdiction </li></ul></ul><ul><ul><li>Manage the risks related to resilience of the cloud </li></ul></ul><ul><ul><li>Need more transparency </li></ul></ul><ul><ul><ul><li>Accountability </li></ul></ul></ul><ul><ul><ul><li>Auditability </li></ul></ul></ul><ul><ul><ul><li>Risk management </li></ul></ul></ul><ul><ul><li>Portability/interoperability, ... </li></ul></ul><ul><li>Several studies related to security (CAMM) </li></ul>
    6. 6. Shift of Responsibilities with e.g. IaaS <ul><li>SP responsibilities </li></ul><ul><ul><li>Defines the deployment with a service manifest, Defines elasticity </li></ul></ul><ul><ul><li>Monitors/administers the VM </li></ul></ul>User Service Provider Virtualisation <ul><li>IP responsibilities: manages the physical and virtual infrastructure </li></ul><ul><ul><li>Placement of VM on physical machines: optimisation such that SLAs are satisfied </li></ul></ul><ul><ul><li>Elastcicity: scale up and down </li></ul></ul>Currently the transfer of responsibility is incomplete : transfert of control, but not accountability/liability Web Server App Server Db Server Infrastructure Provider
    7. 7. Some Research Directions forCloud Security 13-15 December 2010 <ul><li>Improving trust by giving the cloud user more control: </li></ul><ul><ul><li>Client side usage control for clouds </li></ul></ul><ul><ul><li>Trusted computing in clouds (hardware based security) </li></ul></ul><ul><li>Improve trust in cloud provider : </li></ul><ul><ul><li>V&V by design and Monitoring of isolation in the virtual infrastructure layer </li></ul></ul>
    8. 8. THANK YOU Questions and Answers www.reservoir-fp7.eu
    9. 9. ICSOC-ServiceWave 2009

    ×