Best Demo Award winning presentation given by Dr. Panagiotis Gouvas (UBITECH) at SME Event - Cloud Forward Conference 2016 on October 20 2016, Madrid, Spain.
No More Dark Clouds With PaaSword - An Innovative Security By Design Framework
1. www.paasword.eu
No More Dark Clouds With PaaSword – An Innovative Security By Design Framework
Cloud Forward Conference
Oct 18-20, 2016 – Madrid, Spain
2. Cloud Paradigm Shift
The cloud paradigm has definitely prevailed
Most applications are delivered following the SaaS model
Many developers rely on PaaS offerings for scalability
Nearly all underlying resources (DBs, queues, etc.) are outsourced at the IaaS level
Attack vectors have increased
‘Raw data’ are the modern hacker’s holy grail
The responsibility for the protection of data has shifted to the developer
PaaSword24/10/2016 2
5. Motivation – Security as an Enterprise Requirement
Enterprises identify security concerns and data privacy as the most significant barriers of Cloud adoption;
In addition:
Compliance (e.g., legal, regulatory, industry-standard compliance)
Cultural resistance
Encryption and key management as top priority requirements [3] & [4]
[3] P. Institute, “2015 Global Encryption & Key,” Thales, 2015.
[4] CipherCloud, “Global cloud data security report - The authority on how to protect data in the cloud,” CipherCloud, 2015.
6. How shall we lower the barriers?
Security concerns
Protect confidential information
Control access
Trust cloud provider
Secure Cloud Applications
Data privacy
Secure storage
Encryption
Trustable Key Management
Control Access to data
7. Problem Areas Targeted
Insufficient security and trust of cloud infrastructures and services
Cloud application developers have difficulties specifying appropriate level of security
Appropriate context-aware access control mechanisms for cloud applications
Ensure protection, privacy and integrity of data stored in the cloud
Prove applicability, usability, effectiveness and value of secure cloud platforms
9. PaaSword Features
A security-by-design framework which will allow developers to engineer secure applications
Leverage the security and trust of data that reside on outsourced infrastructure
Facilitate context-aware access to encrypted and (even) physically distributed datasets stored in the cloud
Prove applicability, usability, effectiveness and value of our framework in real-life Cloud infrastructures, services and applications
[Figure: PaaSword architecture diagram. Labels: PaaS Provider; PaaSword API; DB with encrypted data; Indexers on encrypted data; Queries using Searchable Encryption Scheme; Trusted IaaS Provider; Adversary; User; Developer; Publishes Application using PaaSword API]
10. Major Assets developed so far…
A Java annotation library that can be used during development in order to annotate database models (using JPA)
These annotations are translated during runtime to privacy constraints that drive the fragmentation of the database
A virtual-database proxy that is able to handle any SQL query by translating it in the proper format based on the fragmentation scheme
An XACML-compliant authorization engine that is able to perform reasoning prior to attribute-evaluation
An integrated IDE environment where developers can submit and control their PaaSword-enabled applications
15. Interested in… ?
Getting access to early results?
Shaping and expanding PaaSword?
Networking with leading companies & research institutes?
Collaborating with us and the PaaSword Community?
Join the Cloud Security Industrial Focus Group!
Register at:
https://www.paasword.eu/register/
16. Join our Industrial Focus Group Today!
Visit us: www.paasword.eu
Acknowledgements:
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644814.