Cloud Security - GSFC Presentation, Sept 23 2009

  • http://www.fool.com/investing/general/2009/06/17/what-became-of-ibms-blue-cloud.aspx http://knowledge.wpcarey.asu.edu/article.cfm?articleid=1614
  • Two kinds of hybrid, emphasize the right one
  • Is typically built using virtualization
  • Terremark does not meet all of the aspects of cloud computing
  • Much broader market (100s, not dozens) Currently more consumer focused, less mature on the enterprise side

Transcript

  • 1.  
  • 2.  
  • 3.  
  • 4.
    • Google's CEO Eric Schmidt has called such computing “transformative. It is the new model of computer architectures.”
    • IBM's Vayghan adds: “This is not something coming 20 years from now. There already are many products.”
    • “This is about the IT industry’s new model for the next 20 years.” - Vernon Turner, IDC
    • “By 2011, early technology adopters will forgo capital expenditures and instead purchase 40 percent of their IT infrastructure as a service.” - Gartner
  • 5.
    • “The Federal technology environment requires a fundamental re-examination of investments in technology infrastructure… Pilot projects will be implemented to offer an opportunity to utilize more fully and broadly departmental and Agency architectures to identify enterprise-wide common services and solutions, with a new emphasis on cloud-computing.”
  • 6.  
  • 7.
    • “Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” - NIST
  • 8.  
  • 9.  
  • 10.
    • “The canonical cloud architecture that has evolved revolves around dynamically scalable CPUs consuming asynchronous, persistently queued events.”
    • http://highscalability.com/canonical-cloud-architecture
  • 11.
    • (Excerpts from Gartner’s “Five Attributes of Cloud Computing”)
  • 12.
    • Abstracted from the implementation
    • Completely automated
    • Near real-time delivery (seconds or minutes)
  • 13.
    • Resources are drawn from a common pool
    • Dynamically allocated to meet demand
    • Dynamically released when appropriate
    • Fully automated
  • 14.
    • Common resources build economies of scale
    • Common infrastructure runs at high efficiency
  • 15.
    • Consumers pay for services used
    • Underlying hardware costs are irrelevant
  • 16.
    • Open standards and APIs
      • Almost always IP, HTTP, and REST
  • 17.  
  • 18.
    • Where is it?
    • Who runs it?
    • Who are the customers?
  • 19.  
  • 20.  
  • 21.
    • Similar to:
      • Utility Computing or Grid Computing
      • Old-school “Time-sharing” on Mainframes
    • Often uses:
      • Virtualization
      • Shared storage (SAN or Cluster)
    • Target User: System Administrator
  • 22.
    • Doesn’t matter what it uses
    • Clouds are service-based, i.e. abstracted
    • Implementation is hidden, changeable
  • 23.
    • Amazon EC2, S3 and EBS
    • Linode
    • Rackspace Cloud
    • Terremark Enterprise Cloud*
    • IBM CloudBurst
  • 24.
    • Hardware Consolidation
    • Short-term IT needs
    • Development infrastructure
    • Network storage
    • Supplemental peak capacity
  • 25.
    • Interacts at the Source Code level
    • Total abstraction from infrastructure
    • “Infinitely” scalable
    • Target User: Software Developer
  • 26.
    • Google AppEngine
    • Salesforce.com
    • Microsoft Azure
  • 27.
    • Advantages:
      • Much easier to use than IaaS
      • Applications can be more secure
      • Achieves higher efficiencies than IaaS alone
    • Disadvantages:
      • Usually a language-specific platform
      • Limited set of services (DB type, Queue, etc.)
  • 28.
    • Can include almost any IT service:
      • Email
      • Web Hosting (Google Sites)
      • Blogs, Wikis, Forums, etc.
      • Source code control
      • Telephony
      • Office and Productivity Software
    • Target User: End-User
  • 29.  
  • 30.  
  • 31.
    • Availability
    • Integrity
    • Security
  • 32.
    • Generic IT Risks
    • Outsourced Infrastructure Risks
    • Cloud-specific Risks
  • 33.
    • Centralized IT Mgmt = Lower Risk
      • Software and OS are more up-to-date
      • Smaller attack surface
      • Centralized monitoring = faster response
    • The Hard Part:
      • Managing shared responsibilities
      • Things we do poorly have to be fixed (Auth)
  • 34.
    • Already well understood
      • NSPIRES, NASA.gov, Grants.gov, etc.
    • (Most) Public Cloud is not ready yet
      • FISMA compliant public clouds = Q1 2010
    • The Hard Part(s):
      • Coordinating C&A (GSA is working on this)
      • Avoiding Lock-In
  • 35.
    • IaaS: Hypervisor Attacks
      • Blue Pill, SubVirt
    • SaaS: Shared Execution Environment
    • Data Locality, Data Multitenancy
    • Eventual Consistency
  • 36.  
  • 37.
    • Trust no one
    • Encrypt data, not just delivery
    • Store everything in 3 places
    • Separate Public and Private concerns
    • …Everything we should be doing anyway.
  • 38.
    • Engage in standards
    • Start with a private cloud
  • 39.