Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Massonet Philippe Panel - Security in the clouds: An Academic Perspective

813 views

Published on

Massonet Philippe Panel - Security in the clouds: An Academic Perspective

  • Be the first to comment

  • Be the first to like this

Massonet Philippe Panel - Security in the clouds: An Academic Perspective

  1. 1. Panel - Security in the clouds: An Academic Perspective Massonet Philippe Scientific Coordinator CETIC Research Center, Belgium 13-15 December 2010 ServiceWave 2010
  2. 2. <ul><li>Authors </li></ul><ul><li>Massonet Philippe, CETIC </li></ul>ICSOC-ServiceWave 2009 13-15 December 2010
  3. 3. Panel - Security in the clouds: An Academic Perspective 13-15 December 2010
  4. 4. Improvements in Cloud Security 13-15 December 2010 <ul><li>Cloud providers are offering several predefined levels of security to choose from </li></ul><ul><ul><li>E.g. Amazon Virtual Private Cloud : extend your IT with IPsec VPN connection to Amazon, Isolated resources and apply your security policies </li></ul></ul><ul><li>Cloud providers are improving trust with certification </li></ul><ul><ul><li>E.g. Google obtains FISMA certification and accreditation  Google Apps for goverment agencies </li></ul></ul><ul><ul><ul><li>Segregated community cloud for US goverment, Data stored in US only </li></ul></ul></ul><ul><ul><li>FISMA </li></ul></ul><ul><ul><ul><li>emphasizes “ risk-based policy for cost-effective security” </li></ul></ul></ul><ul><ul><ul><li>Categorize data/systems according to risk level </li></ul></ul></ul>
  5. 5. Top Challenges in Cloud Security 13-15 December 2010 <ul><li>Challenges: </li></ul><ul><ul><li>Loss of governance </li></ul></ul><ul><ul><li>Compliance challenges </li></ul></ul><ul><ul><li>Risk from changes of jurisdiction </li></ul></ul><ul><ul><li>Manage the risks related to resilience of the cloud </li></ul></ul><ul><ul><li>Need more transparency </li></ul></ul><ul><ul><ul><li>Accountability </li></ul></ul></ul><ul><ul><ul><li>Auditability </li></ul></ul></ul><ul><ul><ul><li>Risk management </li></ul></ul></ul><ul><ul><li>Portability/interoperability, ... </li></ul></ul><ul><li>Several studies related to security (CAMM) </li></ul>
  6. 6. Shift of Responsibilities with e.g. IaaS <ul><li>SP responsibilities </li></ul><ul><ul><li>Defines the deployment with a service manifest, Defines elasticity </li></ul></ul><ul><ul><li>Monitors/administers the VM </li></ul></ul>User Service Provider Virtualisation <ul><li>IP responsibilities: manages the physical and virtual infrastructure </li></ul><ul><ul><li>Placement of VM on physical machines: optimisation such that SLAs are satisfied </li></ul></ul><ul><ul><li>Elastcicity: scale up and down </li></ul></ul>Currently the transfer of responsibility is incomplete : transfert of control, but not accountability/liability Web Server App Server Db Server Infrastructure Provider
  7. 7. Some Research Directions forCloud Security 13-15 December 2010 <ul><li>Improving trust by giving the cloud user more control: </li></ul><ul><ul><li>Client side usage control for clouds </li></ul></ul><ul><ul><li>Trusted computing in clouds (hardware based security) </li></ul></ul><ul><li>Improve trust in cloud provider : </li></ul><ul><ul><li>V&V by design and Monitoring of isolation in the virtual infrastructure layer </li></ul></ul>
  8. 8. THANK YOU Questions and Answers www.reservoir-fp7.eu
  9. 9. ICSOC-ServiceWave 2009

×