Your SlideShare is downloading. ×
0
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1
GSAW Presentation on Cloud Security V2.1
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

GSAW Presentation on Cloud Security V2.1

938

Published on

Ground System Architecture Workshop (GSAW) presentation on cloud computing security.

Ground System Architecture Workshop (GSAW) presentation on cloud computing security.

Published in: Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
938
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
106
Comments
0
Likes
2
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Secure Cloud Computing: An Architecture Ontology Approach KEVIN JACKSON
  • 2. Forces Driving Cloud Computing - The New IT Era rev date 3/25/2009 slide 2
  • 3. Cloud Computing Value rev date 3/25/2009 slide 3
  • 4. Cloud Computing Challenge rev date 3/25/2009 slide 4
  • 5. Unified Ontology of Cloud Computing (http://www.cs.ucsb.edu/~lyouseff/CCOntology/CloudOntology.pdf) Cloud Application (SaaS) Cloud Software Environment (PaaS) Cloud Software Infrastructure Computational Storage Communications Resources (IaaS) (DaaS) (CaaS) Software Kernal Firmware / Hardware (HaaS) Lamia Youseff University of California, Santa Barbara Maria Butrico, Dilma Da Silva IBM T.J. Watson Research Center
  • 6. Tactical Employment Issues  Internet connectivity assumed  SOA platform • Security management • Application service discovery and management • Workflow orchestration  Access management
  • 7. Ontology Modifications for Tactical Cloud Computing Access Management Cloud Application Access Management (SaaS) Cloud Application (SaaS) Cloud Application (SaaS) Cloud Application Workflow Orchestration – Policy Engine (SaaS) Workflow Orchestration Security API Cloud Software Environment Security API Services / Services(PaaS) Discovery Cloud Software Environment Services / Services Discovery (PaaS) Service Management Service Management Cloud Software Environment Cloud Software Infrastructure (PaaS) Cloud Software Environment Cloud Software Infrastructure (PaaS) Cloud Software Infrastructure Network Security Communications Computational Storage Cloud Software Infrastructure Computational Storage Communications Resources (IaaS) (DaaS) (CaaS) Network(DaaS) Connectivity Resources (IaaS) (CaaS) ComputationalNetwork Storage Communications Security Computational Resources (IaaS) Resources (DaaS) (CaaS) Storage Communications (CaaS) Software Kernal (IaaS) (DaaS) Software Kernal Software Kernal Software Kernal Firmware / Hardware (HaaS) Firmware / Hardware (HaaS)
  • 8. Tactical Cloud Computing Ontology Access Management Cloud Application (SaaS) Workflow Orchestration – Policy Engine Security API Services / Services Discovery Service Management Cloud Software Environment (PaaS) Cloud Software Infrastructure Network Security Network Connectivity Network Security Computational Resources Storage Communications (CaaS) (IaaS) (DaaS) Software Kernal Firmware / Hardware (HaaS)
  • 9. Ontology Modification – Federated SOA Global Governance Dynamic Tasking Access Management Access Management Cloud Application (SaaS) Cloud Application (SaaS) Workflow Orchestration – Policy Engine Workflow Orchestration – Policy Engine Security API Security API Services / Services Discovery Services / Services Discovery Service Management Service Management Cloud Software Environment Cloud Software Environment (PaaS) (PaaS) Cloud Software Infrastructure Cloud Software Infrastructure Network Security Network Security Network Connectivity Network Connectivity Network Security Network Security Storage Storage Computational Resources (IaaS) Communications (CaaS) Computational Resources (IaaS) Communications (CaaS) (DaaS) (DaaS) Software Kernal Software Kernal Firmware / Hardware (HaaS) Firmware / Hardware (HaaS)
  • 10. Secure Cloud Computing – An Approach •Access Management • “Out of Band” Access Management Cloud Application (SaaS) authentication •Security API Workflow Orchestration – Policy Engine • Use of services Security API Services / Services Discovery • Binding of service Service Management • COI driven Cloud Software Environment management (PaaS) •Network Security Cloud Software Infrastructure • No VPN Network Security • “Data in Motion” Network Connectivity security Network Security •Computational Resources Computational Resources Storage Communications (CaaS) • VM management (IaaS) (DaaS) • Data-centric security Software Kernal model Firmware / Hardware (HaaS) • Storage • “Data at Rest” security • COI driven access
  • 11. Network Centric Operations Industry Consortium  Mission  Our mission is to facilitate global realization of the benefit inherent in Network Centric Operations. To that end, we seek to enable continuously increasing levels of interoperability across the spectrum of joint, interagency, intergovernmental, and multinational industrial and commercial operations. We will execute this mission in good faith as a global organization with membership open to all enterprises in quest of applying the vast potential of network centric technology to the operational challenges faced by our nations and their citizens.  Past successes ◦ Network Centric Analysis Tool (NCAT) ◦ NCOIC Interoperability Framework (NIF)  Future ◦ Develop “operational art” in support of netcentric operations ◦ Support operational art advances through collaboration (Government, Industry, Non-profits, Interest Groups) ◦ Provide value to members  Use of NCOIC developed process provided differentiator in recent European procurement for a member company  NCOIC Patterns addressing interoperability concerns of member government agencies
  • 12. Cloud Computing Operational Art  Embrace collaboration • OSD – tactical Cloud Computing • TIGR – Government Cloud Computing • Cloud Interoperability Forum  Use Operational and Capability pattern process to develop Cloud Computing Technical Patterns  Identify key netcentric operations interoperability requirements and preferences within identified technical patterns  Iterate with NCOIC stakeholder companies and government organizations  Use Capability and Operational patterns to validate operational impact of reduced cloud interoperability  Leverage analysis to drive cloud interoperability recommendations and best practices
  • 13. Thank You ! Kevin.jackson@dataline.com http://cloudcomputing.dataline.com http://govcloud.ulitzer.com

×