basics of cloud computing

Course given in December 2011 as part of the INFOSAFE information security diploma (www.infosafe.be)

Published in: Education, Technology, Business
  • Aleric partners with Global Enterprises to further their business interests utilizing Cloud Computing. We provide technology and services where cloud-based business applications can be timely deployed and tailored to our partner’s needs - by market or industry. Aleric cloud platform is unique in its formation and history – combining over a decade of industry experience in Global Management, Enterprise Security, and Virtualization. Aleric offers a consulted approach that works in partnership, and mutually beneficial ways to ensure the success and best-practice/ROI of our partners.
  • basics of cloud computing

    1. 1. Basic management aspects of Cloud Computing. INFOSAFE, 17 December 2011
    2. 2. Myths & Facts of Cloud Computing • Myths ▫ Cloud computing will eliminate the need for IT personnel. ▫ Cloud computing will eliminate IT expense. • Facts ▫ Cloud technology is real. ▫ This technology should not be ignored.
    3. 5.
    4. 6. What is said: “Biggest Paradigm Shift in 20 years”, “Game Changers”, “Tremendous Cost Cutting”, “Just On”, “Pay As You Go”. Andy Harjanto, I’m cloud confused, http://www.andyharjanto.com
    5. 7. First, what the heck is Cloud Computing? … in simple, plain English please!
    6. 8. Let’s use a simple analogy. Say you just moved to a city, and you’re looking for a place to live.
    7. 9. You can either build a house or rent an apartment.
    8. 10. If you build a house, there are a few important decisions you have to make…
    9. 11. How big is the house? Are you planning to grow a large family? Remodels and additions typically cost a lot more once the house is built.
    10. 12. But you get a chance to customize it: roof, windows, lighting.
    11. 13. Once the house is built, you’re responsible for maintenance: hire landscaper, electrician, plumber; pay property tax; water; gutter cleaning; heating and cooling; housekeeping.
    12. 14. How about renting?
    13. 15. Consider a builder in your city who builds a massive number of apartment units.
    14. 16. A unit can easily be converted into 2, 3, 4 or more units.
    15. 17. You make fewer, simpler decisions. You can start with one unit and grow later, or downsize.
    16. 18. But… you do not have a lot of options to customize your unit.
    17. 19. However, builders provide you with very high quality infrastructure: high speed Internet, high capacity electricity, triple pane windows, green materials.
    18. 20. No need to worry about maintenance.
    19. 21. Just pay your rent and utilities: Pay as You Go.
    20. 22. Let’s translate to Cloud Computing?
    21. 23. As an end-consumer, believe it or not, you’ve been using the Cloud for a long time.
    22. 24. Yes, most of them are Free
    23. 25. In return, you’re willing to give away... your information for ads and other purposes
    24. 26. But you’ve been enjoying: High Reliability Service, Unlimited Storage, Connecting, Sharing (ok, ok, most of them are).
    25. 27. OK, now tell that to the business owner: give up your data, then you can use this infrastructure for free.
    26. 28. This is how their CEO would feel
    27. 29. My Business Needs… Security, Privacy, Reliability, High Availability.
    28. 30. Building Enterprise Software is like… Building a Medieval Castle: Stone Wall, Fire-proof, Moat, Army, Death Hole.
    29. 31. Let’s Hire an Army of IT Engineers: Software Upgrade, Support, Backup/Restore, Service Pack, Development, Network issues.
    30. 32. Let’s Build a Huge Data Center: Capacity Planning, Disaster Plan, Cooling Management, Server Crashes.
    31. 33. In the meantime… many things have changed.
    32. 34. The enterprise world we live in, 2010 and beyond: Global (Customers, Resources, IPs are acquired everywhere); Direct, Open Customers Communication (e.g. Social Media); Transparency (Blogs, Social Computing); Work Remotely (Mobility Trend); Digital Life Convergence (Work and Personal lines are blurring).
    33. 35. 2008-2012, economy is upside down: Layoffs, Excess Capacity, Bankruptcy.
    34. 36. Can we bridge the gap?
    35. 37. Requires a New Way of Thinking
    36. 38. Leave it to the experts who have a lot of money to spend to build giant datacenters across the globe.
    37. 39. High Availability: your data is replicated 3 or 4 times in their data center.
    38. 40. High Traffic? Adding “servers” is a click away. Running in just minutes, not days.
    39. 41. It can even load balance your server traffic
    40. 42. Expect your Cloud Network to always be up
    41. 43. Yes, you can even pick where your data and “servers” reside
    42. 44. Business Contraction? Just reduce your computing power, storage
    43. 45. Wait, What is the catch?
    44. 46. Cloud Computing is a relatively new technology
    45. 47. Only a handful of major players can build this massive infrastructure
    46. 48. Not much software has been written yet to take advantage of cloud infrastructure
    47. 49. Sensitive Data in the Cloud? Are we there yet? Data at Rest, Data in Motion, Encryption.
    48. 50. Yes, you’re losing some control: physical security, some configurations.
    49. 51. Let’s clear common confusions about Cloud Computing
    50. 52. Who is paying whom?
    51. 53. Typical scenarios: You (Business, Individual); Software/Service Providers; Cloud/Infrastructure Provider. You may also build software directly on the provider’s platform and pay them directly.
    52. 54. Do I have to start over?
    53. 55. In some cases, you could redirect your data to the cloud (Migrate Data to the Cloud): Before
    54. 56. In some cases, you could redirect your data to the cloud: After
    55. 57. However, to take full advantage, migrate all or create new apps on the cloud: Employees, Customers, Suppliers.
    56. 58. SO LET’S START TO GO INTO MORE DETAILS. Source: Wikipedia
    57. 59. Definition • “A style of computing where scalable and elastic IT-related capabilities are provided “as-a-service” using internet technologies to multiple external customers.” (Gartner) • “Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” (National Institute of Standards and Technology)
    58. 60. Who are the players? Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    59. 61. The different players in the Cloud Computing sectors are: • New entrants: Terremark (USA), Rackspace, GoGrid (USA), LinkByNet (France), Ghandi (France), etc. • Major IT Companies: Microsoft, IBM, SUN, etc. • Telecommunications companies: Orange Business Services (France), COLT Telecom (Europe), British Telecom, etc. • Constructors and software providers: VMWare, EMC, Citrix, etc. • Internet companies: Google (USA), Amazon Web Services (USA), Salesforce (USA), etc. • Consulting firms: Cap Gemini, Gartner, Forrester, IDC, etc. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    60. 62. Five key characteristics, explained by Gartner (Plummer, et al., 2009) and the National Institute of Standards and Technology (Mell, et al., 2009): • A service-oriented technology, where consumer concerns are abstracted from provider concerns, and that is ready-to-use (SERVICE BASED); • Services scale on-demand to add or remove resources as needed (RAPID ELASTICITY AND SCALABILITY); • Services share a pool of resources to build economies of scale (SHARED RESOURCES); • Services are tracked with usage metrics to enable the “pay-as-you-go model” (PAY PER USE); • Services are delivered through use of Web identifiers, standards, formats and protocols and with an identical access (UBIQUITOUS NETWORK ACCESS). Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    61. 63. 3 types of services Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    62. 64. Software as a Service (SaaS) • This is the topmost layer of the cloud computing stack, directly consumed by the end user. • On-Premise applications are expensive, affordable only to big enterprises. • Why? • Because On-Premise applications had a very high upfront CapEx (Capital Expenditure), which results in a high TCO (Total Cost of Ownership). On-Premise apps also require a higher number of skilled developers to maintain the application. In its current avatar SaaS is going to be the best bet for SMEs / SMBs (Small & Mid size businesses). Now, they can afford the best software solution for their business without investing anything at all in the infrastructure or development platform or skilled manpower. The only requirement for SaaS is a computer with a browser, quite basic. SaaS is a recurring subscription based model delivered to the customer on demand – Pay as you use. http://www.techno-pulse.com/ SaaS (Software as a Service): covers enterprise applications: CRM, collaboration tools, messaging, BI, ERP, ... The SaaS model makes it possible to move an application to a third party. This model suits certain categories of applications that need to be broadly identical for everyone, standardization being one of the principles of the cloud. The term SaaS does denote a service, in the sense that the provider sells an operational function and not technical components requiring IT expertise.
    63. 65. Software as a service (SAAS) • The service provided makes use of the provider’s applications accessible through a client interface, such as a web browser (ex: Gmail). • The consumer doesn’t manage or control the infrastructure, the network, the servers, the operating system, the storage and cannot add specific development (even if there are limited user specific application configuration settings). • Offers: Billing, Financials, Legal, Sales, Desktop productivity, Human Resources, Content Management, Backup & Recovery, CRM (Customer Relationship Management), Document Management, Collaboration Tools, Social Networks. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    64. 66. Platform as a service (PAAS) • The service provided consists in the deployment of consumer-created applications on the provider’s infrastructure and the use of programming languages and tools supported by the platform (ex: Java or Python available on Google App Engine). • The consumer doesn’t manage or control the infrastructure, the network, the servers, the operating system and the storage but he has control over the deployed applications, and occasionally application hosting environment configurations. • Offers: General purpose, Business intelligence, Integration, Development & Testing, Database. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france PaaS (Platform as a Service): covers middleware, development and test environments, ... The PaaS model consists of providing a ready-to-use environment, with the infrastructure hidden. A PaaS platform makes it possible, for example, to have a development environment available immediately.
    65. 67. Platform as a Service (PaaS) • Now you don’t need to invest millions of $$$ to get that development foundation ready for your developers. • The PaaS provider will deliver the platform on the web, and in most cases you can consume the platform using your browser, i.e. no need to download any software. • It has definitely empowered small & mid-size companies or even an individual developer to launch their own SaaS leveraging the power of these platform providers, without any initial investment. • PaaS Examples • Google App Engine and Windows Azure are examples of Cloud OS. OrangeScape & Wolf PaaS are cloud middleware. http://www.techno-pulse.com/
    66. 68. INFRASTRUCTURE AS A SERVICE (IAAS) • The service provided gives the possibility to rent resources, such as processing, storage or bandwidth, and allows the consumer to deploy and run any software (operating systems and/or applications). • The consumer doesn’t manage and control the infrastructure but he controls the operating system, the storage, the deployed applications, and occasionally networking components (firewall, load balancing). • Some providers offer to manage the application if the latter is not too specific and is compatible with the perimeter of their offer. • Offers: Storage, Compute, Services Management. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france Covers servers, storage, network, ... The IaaS model consists of having an IT infrastructure available through a cloud computing deployment model. Access to the resource is complete and unrestricted, in effect equivalent to being provided with a real physical infrastructure. A company can thus, for example, rent Linux, Windows or other servers, which will actually run in a virtual machine at the IaaS provider.
    67. 69. Infrastructure as a Service (IaaS) • This is the base layer of the cloud stack. • It serves as a foundation for the other two layers, for their execution. The keyword behind this stack is Virtualization. • Let us try to understand this using Amazon EC2. In Amazon EC2 (Elastic Compute Cloud) your application will be executed on a virtual computer (instance). You have the choice of virtual computer, where you can select a configuration of CPU, memory & storage that is optimal for your application. The whole cloud infrastructure, viz. servers, routers, hardware based load-balancing, firewalls, storage & other network equipment, is provided by the IaaS provider. The customer buys these resources as a service on a need basis. http://www.techno-pulse.com/
    68. 70. Who controls what?
    69. 71. IT Cloud Services Taxonomy. [Figure labels: IT Cloud Services; Cloud Applications (Apps-as-a-service); Cloud (Application) Platforms (Platform-as-a-Service); Cloud Infrastructure (Infrastructure-as-a-Service); App Dev/Test; App Deploy] © 2009 IDC
    70. 72. All Types of IT Software & Hardware Are or Will Be Offered as Cloud Services … many IT and Network Services will also be transformed and extended to support the cloud service delivery model… [Figure: IDC IT Product Taxonomy and Corresponding Primary Market. Labels: Application Development Software; Application Server Middleware; Data Access, Analysis, and Delivery; Information & Data Management; Integration & Process Automation Middleware; Other Application Dev and Deployment; Quality & Life-Cycle Tools; Enterprise Portals; Servers; Storage; Networks; Clients; System and Network Management Software; Security Software; Storage Software; System Software; Collaborative Applications; Content Applications; Enterprise Resource Management Applications; Supply Chain Management Applications; Operations and Manufacturing Applications; Engineering Applications; Customer Relationship Management Applications; Cloud Applications (Apps-as-a-service); Cloud (Application) Platforms (Platform-as-a-Service); Cloud Infrastructure (Infrastructure-as-a-Service); App Deploy; IT Cloud Services; App Dev/Test; App Dev & Deployment; Systems Infrastructure Software; Systems; Storage; (Software-as-a-Service) Applications] © 2009 IDC
    71. 73. Cloud Services Definition - updated. Cloud Services: Consumer and Business products, services and solutions delivered and consumed in real-time over the Internet. Key Attributes: • Shared, standard service – built for a market (public), not a single customer • Solution-packaged – a “turnkey” offering, integrates required resources • Self-service – admin, provisioning; may require some “on-boarding” support • Elastic scaling – dynamic and fine-grained • Use-based pricing – supported by service metering • Accessible via the Internet/IP – ubiquitous (authorized) network access • Standard UI technologies – browsers, RIA clients and underlying technologies • Published service interface/API – e.g., web services APIs. Deployment Models: Public - open to a largely unrestricted universe of potential users; designed for a market, not a single enterprise. Private - designed for, and access restricted to, a single enterprise (or extended enterprise); an internal shared resource, not a commercial offering; IT Org is the “vendor” of the shared/std service to its users. [Note: large gray zones between these two broad categories] © 2009 IDC
    72. 74. Different types of cloud • Public clouds • External private clouds • Private clouds • Hybrid clouds • Community clouds
    73. 75. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    74. 76. Public clouds • Infrastructures are shared with a “Pay-as-you-go” model. • This off-premise virtualized infrastructure is easily accessible and can be managed through a portal of the provider. • The provider can make economies of scale: the homogeneous infrastructures are shared with all the consumers and managed and updated by the Cloud provider. • Consumers can choose the infrastructure they need, and choose all the security elements and the uptime (SLA). Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    75. 77. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    76. 78. External private cloud • We are also seeing an increasing number of External Private Cloud offerings (off-premises). • This provides a way for companies to create a logically separated set of virtual machines, with a secure VPN connection to their own networks (a Virtual Private Network is a secure tunnel through the Internet from a corporate network to the provider’s servers). • It also enables the use of existing security and management policies. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    77. 79. Private clouds • Internal pool of resources inside the Data Centers of a company. • Internal Private Clouds are sometimes seen as a simple evolution of the classic Information System of an organization but have some characteristics of Public Clouds (they use virtualization and dynamic provisioning). • Private Clouds are for companies that only want to use services that are hosted in-house and do not want to share their infrastructure. • This type of Cloud respects the standard process and security policy of the company but doesn’t offer as many benefits and as much flexibility to the CIO: he always has to invest in the hardware and software.
    78. 80. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    79. 81. Hybrid cloud • Combination of different clouds (for example Public and Private Clouds) that allow for transitive information exchange and possibly application compatibility and portability across disparate Cloud service offerings and providers utilizing standard or proprietary methodologies regardless of ownership or location. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    80. 82. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    81. 83. COMMUNITY CLOUD • Infrastructures, shared by several organizations, support a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations). • The US Government and NASA created a community cloud for all US government agencies. • This type of cloud combines two worlds: Public Cloud (different entities sharing their infrastructure) and Private Cloud (specific organizations use their own Data Centers and know with whom they share their infrastructure). Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    82. 84. Impact on the organization
    83. 85. Impact on the organization • Strategy: What are the impacts on the strategy when it goes from controlling an infrastructure to controlling a process? What new strategies are possible now? • Systems: What happens to the processes of the IT department? (ITIL, Build versus Run, contract management) • Structure: How can the IT department be aligned with the business strategy? Does a company need a new organization? What happens to the CIO and the decision making? • Shared values: Can an organization still work in silos? A key element will be developed in the corporation culture • Style: Do the managers have to behave differently? • Staff: What happens to the actual employees? New jobs created? • Skills: What skills do the employees need in this new model?
    84. 86. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    85. 87. SOME FIGURES
    86. 88. IT Cloud Services Forecast Update (preliminary). Worldwide IT Cloud Services Revenue* by Product/Service Type. 2009, $17.4 billion: Applications 49%, App Dev/Deploy 10%, Storage 9%, Servers 12%, Infrastructure Software 20%. 2013, $44.2 billion: Applications 38%, App Dev/Deploy 13%, Storage 14%, Servers 15%, Infrastructure Software 20%. * Includes revenue from delivery of Applications, Application Development & Deployment Software, Systems Infrastructure Software, Server capacity and Disk Storage capacity via the Cloud Services model; AD&D excludes online B2B messaging providers/exchanges. Source: IDC, September 2009. © 2009 IDC
    87. 89. Cloud User Surveys – Adoption Areas. Q: Rate your likelihood to pursue the cloud model for the following (Scale: 1 = Very Unlikely, 5 = Very Likely): IT/Information Security 48.6%; Application dev/test/deploy platform 49.1%; Business Intelligence/Analytics 49.8%; Server capacity on demand 50.6%; IT Management software 51.3%; Storage capacity on demand 52.9%; Data/Content Distribution services 54.8%; Personal productivity apps 55.1%; Business apps (CRM, HR, ERP) 55.6%; Data Back-up or Archive services 59.4%; Web applications/Web serving 66.9%; Collaboration applications 67.3%. Source: IDC Enterprise Panel, 3Q09, n = 263, September 2009. © 2009 IDC
    88. 90. Cloud User Surveys – Vendor Requirements. Q: How important is it that cloud service providers … (Scale: 1 = Not at all important, 5 = Very Important): Have local presence, can come to my offices 72.9%; Are a technology and business model innovator 78.3%; Offer both on-premise and public cloud services 79.2%; Support many of my IT needs 81.0%; Allow managing on-premise & cloud together 82.1%; Understand my business and industry 84.5%; Provide a complete solution 86.0%; Option to move 'cloud' offerings back on premise 87.8%; Offer Service Level Agreements (SLAs) 88.6%; Offer competitive pricing 91.6%. Source: IDC Enterprise Panel, 3Q09, n = 263, September 2009. © 2009 IDC
    89. 91. Is this just Hosting 2.0?
    90. 92. No, they have different architectures and business models. Cloud Players: only a few can afford billion-dollar investments in data centers. Hosting Players: hundreds of them around the world.
    91. 93. Your contracts. Hosting Players: often yearly. Cloud Players: Pay As You Go, pay only for what you use.
    92. 94. Reliability, High Availability, Capacity Elasticity. Cloud Players: built-in redundancy; virtually unlimited storage, computing power. Hosting Players: you have to manage reliability and failover yourself; bring your own or rent servers to increase capacity.
    93. 95. CLOUD BENEFITS. Source: Wikipedia
    94. 96. Cloud User Surveys - Benefits. Q: Rate the benefits commonly ascribed to the 'cloud'/on-demand model (Scale: 1 = Not at all important, 5 = Very Important): Seems like the way of the future 54.0%; Sharing systems with partners simpler 63.9%; Always offers latest functionality 64.6%; Requires less in-house IT staff, costs 67.0%; Encourages standard systems 68.5%; Monthly payments 75.3%; Easy/fast to deploy to end-users 77.7%; Pay only for what you use 77.9%. Source: IDC Enterprise Panel, 3Q09, n = 263, September 2009. © 2009 IDC
    95. 97. © 2009 IDC
    96. 98. © 2009 IDC
    97. 99. Cloud Features & Benefits for Enterprises <ul><li>Highly virtualized and standardized infrastructures </li></ul><ul><li>Massive scalability </li></ul><ul><li>Fault tolerant & highly reliable </li></ul><ul><li>Intra- & Inter-cloud load balance </li></ul><ul><li>Instant application deployment </li></ul><ul><li>Simplified, more efficient IT and application management </li></ul><ul><li>Deliver more applications to large number of users </li></ul><ul><li>Excellent service quality </li></ul><ul><li>Higher utilization at reduced cost </li></ul><ul><li>Time-to-market </li></ul>
    98. 100. Cloud Features & Benefits for Users <ul><li>Highly virtualized and standardized infrastructures </li></ul><ul><li>Massive scalability </li></ul><ul><li>Fault tolerant & highly reliable </li></ul><ul><li>Intra- & Inter-cloud load balance </li></ul><ul><li>Instant application deployment </li></ul><ul><li>No need to install or update SW or HW; access from any browser </li></ul><ul><li>Unlimited use </li></ul><ul><li>Always on </li></ul><ul><li>Access from anywhere </li></ul><ul><li>Many services to choose from </li></ul>
    99. 101. Abstraction <ul><li>Your business should focus on your core competency & should not worry about security, OS, software platform , updates and patches etc. Leave these chores to your provider. </li></ul><ul><li>From an end users perspective, you don’t need to care for the OS, the plug-ins, web security or the software platform. Everything should be in place without any worry. </li></ul>http://www.techno-pulse.com/
    100. 102. Resource Sharing <ul><li>Resource Sharing is the beauty of Cloud Computing. This is the concept which helps the cloud providers to attain optimum utilization of resources. Say, a company dealing in gifts may require more server resources during festive season. A company dealing in Payroll management may require more resources during the end or beginning of the month. </li></ul><ul><li>The cloud architecture is implemented in such a way that it provides you the flexibility to share application as well as other network resources (hardware etc). This will lead to a need based flexible architecture where the resources will expand or contract with a little configuration changes. </li></ul>http://www.techno-pulse.com/
    101. 103. Les avantages du Cloud Computing du point de vue sécurité & gouvernance (1/2) <ul><li>Possibilité de mettre les données publiques dans un Cloud et de mieux protéger les données sensibles </li></ul><ul><li>Fragmentation et dispersion des données </li></ul><ul><li>Equipe de sécurité dédiée </li></ul><ul><li>Plus grand investissement dans l’infrastructure de sécurité </li></ul><ul><li>Tolérance aux fautes et fiabilité améliorées </li></ul><ul><li>Meilleure réaction aux attaques </li></ul><ul><li>Protection des hyperviseurs contre les attaques réseaux </li></ul>Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX
    102. 104. Les avantages du Cloud Computing du point de vue sécurité & gouvernance (2/2) <ul><li>Réduction possible des activités de mise en conformité et d’audit </li></ul><ul><ul><li>Statement on Auditing Standards No. 70: Service Organizations </li></ul></ul><ul><ul><li>Automated Audit, Assertion, Assessment, and Assurance API (A6) </li></ul></ul><ul><li>Données détenues par un tiers impartial </li></ul><ul><li>Solutions de stockage et de récupération de données à moindre coût </li></ul><ul><li>Contrôles de sécurité à la demande </li></ul><ul><li>Détection en temps réel des falsifications du système (System Tampering) </li></ul><ul><li>Reconstitution rapide des services </li></ul><ul><li>Possibilité accrue de créer des réseaux leurres (honeynet) </li></ul><ul><ul><li>La capture d’une machine virtuelle ne compromet pas l’hôte </li></ul></ul>109 Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX
    103. 105. RISK ANALYSIS <ul><li>NINE MAJOR RISKS: </li></ul><ul><li>LOSS OF CONTROL OVER INFRASTRUCTURE AND DATA </li></ul><ul><li>REVERSIBILITY PROBLEMS </li></ul><ul><li>MAINTAINING LEGAL COMPLIANCE </li></ul><ul><li>DATA LOCATION </li></ul><ul><li>SECURITY OF DATA ISOLATION </li></ul><ul><li>CONTROL OF DATA LOSS AND DESTRUCTION </li></ul><ul><li>DATA RECOVERY </li></ul><ul><li>MALICIOUS ACTS BY CLOUD ADMINISTRATORS </li></ul><ul><li>IDENTITY THEFT </li></ul>Source: Livre blanc sécurité du Cloud, syntec numérique
    104. 106. <ul><li>THE VIRTUES OF SAS 70 CERTIFICATION </li></ul><ul><li>Created by the American Institute of Certified Public Accountants, the SAS 70 standard concerns companies that use specialized providers to outsource their services. </li></ul><ul><li>It is characterized by independent audits carried out by third parties and on-site verification of processes. SAS 70 has two levels (Type I and Type II). </li></ul><ul><ul><ul><li>The first covers the description of the company's activities and the suitability of the controls. </li></ul></ul></ul><ul><ul><ul><li>The second level evaluates their effectiveness through tests whose results are published in the SAS 70 (Type II) report. </li></ul></ul></ul><ul><li>Key advantage for the provider: avoiding multiple audits carried out regularly by its various customers. It is also an important means of commercial differentiation. </li></ul><ul><li>For customer companies, and in particular those subject to the Sarbanes-Oxley Act, SAS 70 certification guarantees in particular the compliance and "good order" of their providers. </li></ul>
    105. 107. Source: Wikipedia Criticisms and fears
    106. 108. <ul><li>To move forward, we first need to take a step back and remember that the fundamental objective of information security, risk management and governance is to align the objectives of IT with those of the business in order to protect the company's assets and create a culture of responsibility toward information. </li></ul><ul><li>C. Bianco </li></ul><ul><li>VP and General Manager Europe, Qualys </li></ul><ul><li>http://www.journaldunet.com/solutions/expert/50552/en-2012--la-securite-sera-la-priorite--1-du-cloud-mobile.shtml?utm_source=benchmail&utm_medium=ML5&utm_campaign=E10212871&f_u=1526808 </li></ul>
    107. 109. Identity Access Management <ul><li>Manage Users/Groups </li></ul><ul><li>Manage security credentials </li></ul><ul><li>Control access to applications </li></ul><ul><li>Control access to specific resources </li></ul><ul><li>Control access based on environment variables </li></ul><ul><li>Cost: zero </li></ul>
    108. 110. Cloud User Surveys - Challenges. © 2009 IDC. Q: Rate the challenges/issues of the 'cloud'/on-demand model (Scale: 1 = Not at all concerned, 5 = Very concerned). Source: IDC Enterprise Panel, 3Q09, n = 263, September 2009. [Bar chart] Not enough ability to customize: 76.0%; Hard to integrate with in-house IT: 76.8%; Bringing back in-house may be difficult: 79.8%; Lack of interoperability standards: 80.2%; On-demand payment model may cost more: 81.0%; Performance: 82.9%; Availability: 83.3%; Security: 87.5%
    109. 111. Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france
    110. 112. Critical areas to examine for governance <ul><li>Culture shock - resistance to change </li></ul><ul><li>Enterprise risk management </li></ul><ul><li>Legal issues </li></ul><ul><ul><li>Data leaks </li></ul></ul><ul><ul><li>Access to data by government agencies </li></ul></ul><ul><ul><li>Privacy protection </li></ul></ul><ul><li>Compliance and audit </li></ul><ul><li>Information lifecycle management </li></ul><ul><ul><li>Creation, identification, storage, use, sharing, archiving and destruction </li></ul></ul><ul><ul><li>Definition of responsibilities </li></ul></ul><ul><li>Portability and interoperability </li></ul>Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX
    111. 113. Critical areas to examine for security <ul><li>Business continuity and disaster recovery plan </li></ul><ul><li>Data center operations </li></ul><ul><li>Incident response, notification and handling </li></ul><ul><li>Application security </li></ul><ul><li>Encryption and key management </li></ul><ul><li>Identity and access control </li></ul><ul><li>Virtualization technology </li></ul>Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX
    112. 114. Security and governance challenges of Cloud Computing <ul><li>Trust in the provider's security model, which is often opaque </li></ul><ul><li>Customer response to audit recommendations </li></ul><ul><li>Support for post-incident investigations </li></ul><ul><li>Accountability of administrators belonging to the provider </li></ul><ul><li>Loss of physical control </li></ul><ul><li>Managing virtual machine isolation </li></ul><ul><li>Presence of multi-tenancy </li></ul><ul><li>Software version management </li></ul>Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX
    113. 115. Security and governance challenges of Cloud Computing <ul><li>Protection of personal data </li></ul><ul><ul><li>Processing within the EEA or in Switzerland, Canada, Argentina, Guernsey, Jersey, the Isle of Man and the Safe Harbour (US) </li></ul></ul><ul><ul><li>Internal company rules / Corporate Binding rule </li></ul></ul><ul><ul><li>Standard contractual clauses </li></ul></ul><ul><ul><li>Transfer authorization </li></ul></ul><ul><li>Access rights of government agencies </li></ul><ul><ul><li>Patriot Act, Regulation of Investigatory Powers Act, LOPPSI, etc. </li></ul></ul><ul><li>Legal retention of documents and their production </li></ul><ul><li>Guarantee of quality of service </li></ul>Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX
    114. 116. Security and governance challenges of Cloud Computing <ul><li>Attractiveness to hackers </li></ul><ul><li>Possibility of a massive outage </li></ul><ul><li>Integration with in-house IT </li></ul><ul><li>Encryption needs </li></ul><ul><ul><li>Legal issues (import, export, use) </li></ul></ul><ul><ul><li>Encrypted access to the Cloud control interface </li></ul></ul><ul><ul><li>Encrypted access to applications </li></ul></ul><ul><ul><li>Encryption of stored data </li></ul></ul><ul><li>Data persistence / remanence </li></ul><ul><li>Data aggregation and inference </li></ul>Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX
    115. 117. Security and governance challenges of Cloud Computing <ul><li>Securing virtual OSes in the Cloud </li></ul><ul><li>Dependence on hypervisor security </li></ul><ul><li>Identity management in the Cloud </li></ul><ul><ul><li>Provisioning / deprovisioning </li></ul></ul><ul><ul><li>Authentication </li></ul></ul><ul><ul><li>Federation </li></ul></ul><ul><ul><li>Management of user profiles and access authorizations </li></ul></ul>Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX
    116. 119. C. Bianco's predictions http://www.journaldunet.com/solutions/expert/50552/en-2012--la-securite-sera-la-priorite--1-du-cloud-mobile.shtml?utm_source=benchmail&utm_medium=ML5&utm_campaign=E10212871&f_u=1526808 <ul><li>Proliferation of mobile devices </li></ul><ul><li>Permanent connection of these devices to the Cloud </li></ul><ul><li>=> new security solutions offered by Cloud providers </li></ul><ul><li>Outsourcing of security to the Cloud </li></ul><ul><li>today security is poor (Ponemon Institute survey) </li></ul><ul><li>It will therefore also be necessary to verify and carry out security audits of the solutions offered by Cloud providers </li></ul>
    117. 120. <ul><li>Hope keeps us going, but let us not forget that hope is not a security strategy. </li></ul>
    118. 121. Sources & credits <ul><li>Some material adapted from </li></ul><ul><ul><li>slides by Christophe Bisciglia, Aaron Kimball, & Sierra Michels-Slettvet, Google Distributed Computing Seminar, 2007 </li></ul></ul><ul><ul><li>Jimmy Lin, The iSchool, University of Maryland </li></ul></ul><ul><ul><li>B.Singh, www.technopulse.com </li></ul></ul><ul><ul><li>http://www.andyharjanto.com </li></ul></ul><ul><ul><li>Gouvernance et sécurité dans le Cloud Computing : avantages et défis, Yves LE ROUX, CISSP CISM, Principal Consultant; Yves.leroux@ca.com </li></ul></ul><ul><ul><li>Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france </li></ul></ul><ul><ul><li>Architecture for the Cloud : http://www.slideshare.net/AmazonWebServices/2011-aws-tour-australia-architecting-for-the-cloud-demo-and-best-practices-by-simone-brunozzi </li></ul></ul>
    119. 122. Source: Wikipedia Some legal aspects
    120. 123. Data protection and transfers, new contractual practices and painful international private law issues are the common issues to be addressed when analysing the phenomenon from a legal point of view. Furthermore, each entity bound by regulatory compliance constraints has to assess whether "going into the cloud" is wise, or even allowed, taking into account its activities and the data or processes that it would like to outsource this way. The aim of the conference is to explore the legal contexts of cloud computing globally, but also from a sector-oriented perspective.
    121. 126. Legal questions related to the Cloud <ul><li>Protection of personal data </li></ul><ul><li>Personal data located in countries that do not offer an adequate level of security </li></ul><ul><li>Contractual aspects of subcontracting the processing of personal data </li></ul><ul><li>Adhesion contract (signed online without negotiation) or negotiated contract </li></ul><ul><li>confidentiality and security aspects </li></ul><ul><li>liability, indemnification, warranties </li></ul><ul><li>intuitu personae (change of control) </li></ul><ul><li>intellectual property </li></ul>
    122. 127. QUESTIONS?
