Secure Cloud Computing: An Architecture Ontology Approach
Kevin Jackson
GSAW Presentation on Cloud Security V2.1

Ground System Architecture Workshop (GSAW) presentation on cloud computing security.


  1. Secure Cloud Computing: An Architecture Ontology Approach (Kevin Jackson)
  2. Forces Driving Cloud Computing - The New IT Era (rev date 3/25/2009)
  3. Cloud Computing Value
  4. Cloud Computing Challenge
  5. Unified Ontology of Cloud Computing (http://www.cs.ucsb.edu/~lyouseff/CCOntology/CloudOntology.pdf)
     Lamia Youseff (University of California, Santa Barbara); Maria Butrico, Dilma Da Silva (IBM T.J. Watson Research Center)
     Layers shown in the diagram:
     • Cloud Application (SaaS)
     • Cloud Software Environment (PaaS)
     • Cloud Software Infrastructure: Computational Resources (IaaS), Storage (DaaS), Communications (CaaS)
     • Software Kernel
     • Firmware / Hardware (HaaS)
  6. Tactical Employment Issues
     • Internet connectivity assumed
     • SOA platform
        ◦ Security management
        ◦ Application service discovery and management
        ◦ Workflow orchestration
     • Access management
  7. Ontology Modifications for Tactical Cloud Computing
     [Diagram: several overlapping builds of the cloud ontology stack. Layer labels appearing beyond the base ontology: Access Management, Workflow Orchestration – Policy Engine, Security API, Services / Services Discovery, Service Management, Network Security, Network Connectivity]
  8. Tactical Cloud Computing Ontology
     Layer labels, in the order they appear on the slide:
     • Access Management
     • Cloud Application (SaaS)
     • Workflow Orchestration – Policy Engine
     • Security API
     • Services / Services Discovery
     • Service Management
     • Cloud Software Environment (PaaS)
     • Cloud Software Infrastructure
     • Network Security
     • Network Connectivity
     • Network Security
     • Computational Resources (IaaS), Storage (DaaS), Communications (CaaS)
     • Software Kernel
     • Firmware / Hardware (HaaS)
  9. Ontology Modification – Federated SOA
     [Diagram: two copies of the Tactical Cloud Computing Ontology stack (Access Management through Firmware / Hardware (HaaS)), with the labels "Global Governance" and "Dynamic Tasking"]
  10. Secure Cloud Computing – An Approach
     • Access Management
        ◦ “Out of Band” authentication
     • Security API
        ◦ Use of services
        ◦ Binding of service
        ◦ COI driven management
     • Network Security
        ◦ No VPN
        ◦ “Data in Motion” security
     • Computational Resources
        ◦ VM management
        ◦ Data-centric security model
     • Storage
        ◦ “Data at Rest” security
        ◦ COI driven access
     [Diagram: the Tactical Cloud Computing Ontology stack, Access Management through Firmware / Hardware (HaaS)]
  11. Network Centric Operations Industry Consortium
     • Mission
        ◦ Our mission is to facilitate global realization of the benefit inherent in Network Centric Operations. To that end, we seek to enable continuously increasing levels of interoperability across the spectrum of joint, interagency, intergovernmental, and multinational industrial and commercial operations. We will execute this mission in good faith as a global organization with membership open to all enterprises in quest of applying the vast potential of network centric technology to the operational challenges faced by our nations and their citizens.
     • Past successes
        ◦ Network Centric Analysis Tool (NCAT)
        ◦ NCOIC Interoperability Framework (NIF)
     • Future
        ◦ Develop “operational art” in support of netcentric operations
        ◦ Support operational art advances through collaboration (Government, Industry, Non-profits, Interest Groups)
        ◦ Provide value to members
           - Use of NCOIC developed process provided differentiator in recent European procurement for a member company
           - NCOIC Patterns addressing interoperability concerns of member government agencies
  12. Cloud Computing Operational Art
     • Embrace collaboration
        ◦ OSD – tactical Cloud Computing
        ◦ TIGR – Government Cloud Computing
        ◦ Cloud Interoperability Forum
     • Use Operational and Capability pattern process to develop Cloud Computing Technical Patterns
     • Identify key netcentric operations interoperability requirements and preferences within identified technical patterns
     • Iterate with NCOIC stakeholder companies and government organizations
     • Use Capability and Operational patterns to validate operational impact of reduced cloud interoperability
     • Leverage analysis to drive cloud interoperability recommendations and best practices
  13. Thank You!
     Kevin.jackson@dataline.com
     http://cloudcomputing.dataline.com
     http://govcloud.ulitzer.com
