• Like
  • Save
Cloud Security - GSFC Presentation, Sept 23 2009
Upcoming SlideShare
Loading in...5
×
 

Cloud Security - GSFC Presentation, Sept 23 2009

on

  • 1,585 views

 

Statistics

Views

Total Views
1,585
Views on SlideShare
1,570
Embed Views
15

Actions

Likes
3
Downloads
0
Comments
1

4 Embeds 15

http://www.linkedin.com 8
http://www.slideshare.net 5
http://www.lmodules.com 1
https://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel

11 of 1

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • http://www.fool.com/investing/general/2009/06/17/what-became-of-ibms-blue-cloud.aspx http://knowledge.wpcarey.asu.edu/article.cfm?articleid=1614
  • Two kinds of hybrid, emphasize the right one
  • Is typically built using virtualization
  • Terramark does not meet all of the aspects of cloud computing
  • Much broader market (100s, not dozens) Currently more consumer focused, less mature on the enterprise side

Cloud Security - GSFC Presentation, Sept 23 2009 Cloud Security - GSFC Presentation, Sept 23 2009 Presentation Transcript

  •  
  •  
  •  
    • Google's CEO Eric Schmidt has called such computing "transformative. It is the new model of computer architectures.”
    • IBM's Vayghan adds: "This is not something coming 20 years from now. There already are many products.”
    • “ This is about the IT industry’s new model for the next 20 years.” - Vernon Turner, IDC
    • "By 2011, early technology adopters will forgo capital expenditures and instead purchase 40 percent of their IT infrastructure as a service.” - Gartner
    • “ The Federal technology environment requires a fundamental re-examination of investments in technology infrastructure… Pilot projects will be implemented to offer an opportunity to utilize more fully and broadly departmental and Agency architectures to identify enterprise-wide common services and solutions, with a new emphasis on cloud-computing.”
  •  
    • “ Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” - NIST
  •  
  •  
    • “ The canonical cloud architecture that has evolved revolves around dynamically scalable CPUs consuming asynchronous, persistently queued events.”
    • http://highscalability.com/canonical-cloud-architecture
    • (Excerpts from Gartner’s “Five Attributes of Cloud Computing”)
    • Abstracted from the implementation
    • Completely automated
    • Near real-time delivery (seconds or minutes)
    • Resources are drawn from a common pool
    • Dynamically allocated to meet demand
    • Dynamically released when appropriate
    • Fully automated
    • Common resources build economies of scale
    • Common infrastructure runs at high efficiency
    • Consumers pay for services used
    • Underlying hardware costs are irrelevant
    • Open standards and APIs
      • Almost always IP, HTTP, and REST
  •  
    • Where is it?
    • Who runs it?
    • Who are the customers?
  •  
  •  
    • Similar to:
      • Utility Computing or Grid Computing
      • Old-school “Time-sharing” on Mainframes
    • Often uses:
      • Virtualization
      • Shared storage (SAN or Cluster)
    • Target User: System Administrator
    • Doesn’t matter what it uses
    • Clouds are service-based, e.g. abstracted
    • Implementation is hidden, changeable
    • Amazon EC2, S3 and EBS
    • Linode
    • Rackspace Cloud
    • Terramark Enterprise Cloud*
    • IBM CloudBurst
    • Hardware Consolidation
    • Short-term IT needs
    • Development infrastructure
    • Network storage
    • Supplemental peak capacity
    • Interacts at the Source Code level
    • Total abstraction from infrastructure
    • “ Infinitely” scalable
    • Target User: Software Developer
    • Google AppEngine
    • Salesforce.com
    • Microsoft Azure
    • Advantages:
      • Much easier to use than IaaS
      • Applications can be more secure
      • Achieves higher efficiencies than IaaS alone
    • Disadvantages:
      • Usually a language-specific platform
      • Limited set of services (DB type, Queue, etc)
    • Can include almost any IT service:
      • Email
      • Web Hosting (Google Sites)
      • Blogs, Wikis, Forums, etc.
      • Source code control
      • Telephony
      • Office and Productivity Software
    • Target User: End-User
  •  
  •  
    • Availability
    • Integrity
    • Security
    • Generic IT Risks
    • Outsourced Infrastructure Risks
    • Cloud-specific Risks
    • Centralized IT Mgmt = Lower Risk
      • Software and OS are more up-to-date
      • Smaller attack surface
      • Centralized monitoring = faster response
    • The Hard Part:
      • Managing shared responsibilities
      • Things we do poorly have to be fixed (Auth)
    • Already well understood
      • NSPIRES, NASA.gov, Grants.gov, etc.
    • (Most) Public Cloud is not ready yet
      • FISMA compliant public clouds = Q1 2010
    • The Hard Part(s):
      • Coordinating C&A (GSA is working on this)
      • Avoiding Lock-In
    • IaaS: Hypervisor Attacks
      • Blue Pill, SubVirt
    • SaaS: Shared Execution Environment
    • Data Locality, Data Multitenancy
    • Eventual Consistency
  •  
    • Trust no one
    • Encrypt data, not just delivery
    • Store everything in 3 places
    • Separate Public and Private concerns
    • …Everything we should be doing anyway.
    • Engage in standards
    • Start with a private cloud
  •