SlideShare a Scribd company logo
The Benefits of the Clouds
            or
Avoiding The Cloud Trap!
            Adrius42

  Recording some of the Jericho
  Forum thinking as it is Thunk!
F I R S T C L A S S I F Y Y O U R D A T A !!!

      Determine what rules MUST apply to it.

     Must it only exist in specific trust levels?
      Then decide to which type of
        For example can it leave Europe?
      Does it have to stay in Safemove
         Cloud you want to Harbours?
               Must it stay in Europe?


We need a universal data classification model that is simple (cf G8 TLP)
We need a recognised trust level standard for all aspects of computing
We need standardised meta data that signals to “cloud security” the data’s security needs
Then decide do you want to
   move to the Clouds
To Cloud or Not to Cloud?

           Traditional




  Clouds
Then decide what data you
want to allow in the Clouds
With what degree
 of translucency
For all Clouds are not equal...
<<<< Same old Traditional Approach


                                                     Massively Scalable
Manual
System Recovery
                                                        Fully automated
Tapes sent by Truck                                 System Redundancy
Data Backup and
                                                        Fully automated
Recovery variable risk
                                                       Data Backup and
Self owned Disk Storage                                        Recovery
Data Redundancy ...sometimes
                                                        Fully automated
                                                       Data Redundancy
Warmish Back up Data Centre
For Disaster Recovery
                                                        Fully automated
Significant switching impact
                                                      Disaster Recovery
And testing costs

                                     Full on Clouds this way >>>>>
Then decide what level you
want to operate in the Clouds
Cloud Layers
                                                                Outcome / Value




                                                                                  Security and IdAM
                Ab s tr a c t Io n o cc u r s h er e!
                                                        Last!
Orchestration



                                                                   Process
                                                        3rd


                                                                   Software
                                                        2nd


                                                                   Platform
                                                        1st


                                                                 Infrastructure
Then decide to which form of
  Cloud you want to move
Cloud Forms



External



Internal
Cloud Forms




Proprietary Open
Cloud Forms



External




Internal


           Proprietary Open
Cloud Forms
                    To get through
                   here you need a
                    Collaboration
                       Oriented
                   Architecture and
                  the Jericho Forum
                   Commandments




              Deperimeterised

         Perimeterised
Cloud Forms



External



                                    Deperimeterised
Internal
                                Perimeterised

           Proprietary   Open
Cloud Forms



          External



                                                         Deperimeterised
           Internal
                                                    Perimeterised

                      Proprietary     Open
We need inter cloud “IPI” standards... especially those that enable Collaboration.
IPI=“Information Programming Interface” There has to be a better name!!!
Cloud Patterns



         External



                                                      Deperimeterised
          Internal
                                                 Perimeterised

                     Proprietary    Open


Recognise some pathways between Clouds will be easier to enable than others!
Cloud Patterns



External



                                    Deperimeterised
Internal
                                Perimeterised

           Proprietary   Open
...and ”then” ensure the
 controls you require are
available in the Clouds...
        ...Oops!!!

      You mean
“Cloud Security Central”
     doesn’t exist?
Cloud Layers
                                                                  Outcome / Value




                                                                                    Security and IdAM
                  Ab s tr a c t Io n o cc u r s h er e!
                                                          Last!
  Orchestration



                                                                     Process
                                                          3rd


                                                                     Software
                                                          2nd


                                                                     Platform
                                                          1st


                                                                   Infrastructure

Cloud Maturity Scale
We haven’t even identified all
      the needs yet.

   Bread Crumb Detector
   Bread Crumb Hoover
  Cloud Identity Services

   and their Providers
 What about Trust Levels?
Proposed Individual Trust Levels
Trust Intent            Impact         Trust Level              Authentication       Physical
Level                                  Label                    Activity             World equiv

T0    Stay              None           Anonymous                None                 -
      Unidentified
T1    Self              Insignificant Self Asserted             None                 Pseudonym
      Assertion*
T2    Proof             Minor          Document Verified        Authenticated:       Proof of Abode
      of Identity                                               Name, Address, Age   Electricity Bill
T3    T2+ Ability       Major          Legally/ Financially Authenticate Credit      Credit Card
      to Commit                        Verified             Worthiness and
       / Pay                                                Payment Method
1Pay* Ability to Pay Varied            Single use               Authenticate Credit
      a single                         Financially              Worthiness and Single Cash
      transaction                      Verified                 Use Payment Method
T4    T2+               Material       Government               Government           Passport
      Gov Id                           Verified
T5    Protect           Catastrophic Military Grade             Positive Vetting     Security
      Lives                                                                          Clearance
                    *1Pay: Can be appended to any Trust Level

More Related Content

What's hot

Tcp/ip server sockets
Tcp/ip server socketsTcp/ip server sockets
Tcp/ip server sockets
rajshreemuthiah
 
Client side scripting and server side scripting
Client side scripting and server side scriptingClient side scripting and server side scripting
Client side scripting and server side scripting
baabtra.com - No. 1 supplier of quality freshers
 
Inheritance in java
Inheritance in javaInheritance in java
Inheritance in java
Tech_MX
 
Introduction to method overloading &amp; method overriding in java hdm
Introduction to method overloading &amp; method overriding  in java  hdmIntroduction to method overloading &amp; method overriding  in java  hdm
Introduction to method overloading &amp; method overriding in java hdm
Harshal Misalkar
 
Virtual machines and their architecture
Virtual machines and their architectureVirtual machines and their architecture
Virtual machines and their architecture
Mrinmoy Dalal
 
Introduction to Compiler design
Introduction to Compiler design Introduction to Compiler design
Introduction to Compiler design
Dr. C.V. Suresh Babu
 
Java features
Java featuresJava features
Java features
Prashant Gajendra
 
Methods in Java
Methods in JavaMethods in Java
Methods in Java
Jussi Pohjolainen
 
core java
core javacore java
core java
Roushan Sinha
 
MULTI THREADING IN JAVA
MULTI THREADING IN JAVAMULTI THREADING IN JAVA
MULTI THREADING IN JAVA
VINOTH R
 
Java applet
Java appletJava applet
Java applet
Rohan Gajre
 
Chapter 1 swings
Chapter 1 swingsChapter 1 swings
Chapter 1 swings
Jafar Nesargi
 
Java tutorial PPT
Java tutorial PPTJava tutorial PPT
Java tutorial PPT
Intelligo Technologies
 
Input-Buffering
Input-BufferingInput-Buffering
Input-Buffering
Dattatray Gandhmal
 
Mainframe systems
Mainframe systemsMainframe systems
Decision properties of reular languages
Decision properties of reular languagesDecision properties of reular languages
Decision properties of reular languages
SOMNATHMORE2
 
Software engineering lecture notes
Software engineering lecture notesSoftware engineering lecture notes
Software engineering lecture notes
Siva Ayyakutti
 
Java Exception handling
Java Exception handlingJava Exception handling
Java Exception handling
kamal kotecha
 
Introduction to APIs (Application Programming Interface)
Introduction to APIs (Application Programming Interface) Introduction to APIs (Application Programming Interface)
Introduction to APIs (Application Programming Interface)
Vibhawa Nirmal
 
Event Handling in java
Event Handling in javaEvent Handling in java
Event Handling in java
Google
 

What's hot (20)

Tcp/ip server sockets
Tcp/ip server socketsTcp/ip server sockets
Tcp/ip server sockets
 
Client side scripting and server side scripting
Client side scripting and server side scriptingClient side scripting and server side scripting
Client side scripting and server side scripting
 
Inheritance in java
Inheritance in javaInheritance in java
Inheritance in java
 
Introduction to method overloading &amp; method overriding in java hdm
Introduction to method overloading &amp; method overriding  in java  hdmIntroduction to method overloading &amp; method overriding  in java  hdm
Introduction to method overloading &amp; method overriding in java hdm
 
Virtual machines and their architecture
Virtual machines and their architectureVirtual machines and their architecture
Virtual machines and their architecture
 
Introduction to Compiler design
Introduction to Compiler design Introduction to Compiler design
Introduction to Compiler design
 
Java features
Java featuresJava features
Java features
 
Methods in Java
Methods in JavaMethods in Java
Methods in Java
 
core java
core javacore java
core java
 
MULTI THREADING IN JAVA
MULTI THREADING IN JAVAMULTI THREADING IN JAVA
MULTI THREADING IN JAVA
 
Java applet
Java appletJava applet
Java applet
 
Chapter 1 swings
Chapter 1 swingsChapter 1 swings
Chapter 1 swings
 
Java tutorial PPT
Java tutorial PPTJava tutorial PPT
Java tutorial PPT
 
Input-Buffering
Input-BufferingInput-Buffering
Input-Buffering
 
Mainframe systems
Mainframe systemsMainframe systems
Mainframe systems
 
Decision properties of reular languages
Decision properties of reular languagesDecision properties of reular languages
Decision properties of reular languages
 
Software engineering lecture notes
Software engineering lecture notesSoftware engineering lecture notes
Software engineering lecture notes
 
Java Exception handling
Java Exception handlingJava Exception handling
Java Exception handling
 
Introduction to APIs (Application Programming Interface)
Introduction to APIs (Application Programming Interface) Introduction to APIs (Application Programming Interface)
Introduction to APIs (Application Programming Interface)
 
Event Handling in java
Event Handling in javaEvent Handling in java
Event Handling in java
 

Viewers also liked

Securing your Cloud Deployment
Securing your Cloud DeploymentSecuring your Cloud Deployment
Securing your Cloud Deployment
Hrusostomos Vicatos
 
Jericho Attack Technique
Jericho Attack TechniqueJericho Attack Technique
Jericho Attack Technique
Jan Seidl
 
NIST Definition of Cloud Computing v15
NIST Definition of Cloud Computing v15NIST Definition of Cloud Computing v15
NIST Definition of Cloud Computing v15
Bill Annibell
 
Capacity Planning for Cloud Computing
Capacity Planning for Cloud ComputingCapacity Planning for Cloud Computing
Capacity Planning for Cloud Computing
Adrian Cockcroft
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM Architecture
Aidy Tificate
 
Cloud Computing Architecture
Cloud Computing Architecture Cloud Computing Architecture
Cloud Computing Architecture
Vasu Jain
 
Enterprise Cloud Risk And Security
Enterprise Cloud Risk And SecurityEnterprise Cloud Risk And Security
Enterprise Cloud Risk And Security
Mark Masterson
 
Cloud computing presentation
Cloud computing   presentationCloud computing   presentation
Cloud computing presentation
William Mann
 
Online presentation
Online presentationOnline presentation
Online presentation
M10p3309
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing Architecture
Animesh Chaturvedi
 
NIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureNIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference Architecture
Thanakrit Lersmethasakul
 
Human behaviour.and personality development.ppt
Human behaviour.and personality development.pptHuman behaviour.and personality development.ppt
Human behaviour.and personality development.ppt
Monika Sharma
 
Capacity planning
Capacity planning Capacity planning
Capacity planning
Abdullah Shahid
 
Capacity planning ppt
Capacity planning pptCapacity planning ppt
Capacity planning ppt
Gagan bhati
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
Venkatesh Chary
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing ppt
shibamughal
 
Cloud computing simple ppt
Cloud computing simple pptCloud computing simple ppt
Cloud computing simple ppt
Agarwaljay
 
Vlan
Vlan Vlan
Vlan
sanss40
 
Introduction of Cloud computing
Introduction of Cloud computingIntroduction of Cloud computing
Introduction of Cloud computing
Rkrishna Mishra
 

Viewers also liked (20)

Securing your Cloud Deployment
Securing your Cloud DeploymentSecuring your Cloud Deployment
Securing your Cloud Deployment
 
Jericho Attack Technique
Jericho Attack TechniqueJericho Attack Technique
Jericho Attack Technique
 
NIST Definition of Cloud Computing v15
NIST Definition of Cloud Computing v15NIST Definition of Cloud Computing v15
NIST Definition of Cloud Computing v15
 
Capacity Planning for Cloud Computing
Capacity Planning for Cloud ComputingCapacity Planning for Cloud Computing
Capacity Planning for Cloud Computing
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM Architecture
 
Cloud Computing Architecture
Cloud Computing Architecture Cloud Computing Architecture
Cloud Computing Architecture
 
Enterprise Cloud Risk And Security
Enterprise Cloud Risk And SecurityEnterprise Cloud Risk And Security
Enterprise Cloud Risk And Security
 
Cloud computing presentation
Cloud computing   presentationCloud computing   presentation
Cloud computing presentation
 
Online presentation
Online presentationOnline presentation
Online presentation
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing Architecture
 
NIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureNIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference Architecture
 
Human behaviour.and personality development.ppt
Human behaviour.and personality development.pptHuman behaviour.and personality development.ppt
Human behaviour.and personality development.ppt
 
Capacity planning
Capacity planning Capacity planning
Capacity planning
 
Capacity planning ppt
Capacity planning pptCapacity planning ppt
Capacity planning ppt
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing ppt
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing ppt
 
Cloud computing simple ppt
Cloud computing simple pptCloud computing simple ppt
Cloud computing simple ppt
 
Vlan
Vlan Vlan
Vlan
 
Introduction of Cloud computing
Introduction of Cloud computingIntroduction of Cloud computing
Introduction of Cloud computing
 

Similar to The Cloud Cube

Cloud Segmentation(White)
Cloud Segmentation(White)Cloud Segmentation(White)
Cloud Segmentation(White)
Adrius42
 
Ippeis Cloud Computing Presentation(Tokyo2.0)
Ippeis Cloud Computing Presentation(Tokyo2.0)Ippeis Cloud Computing Presentation(Tokyo2.0)
Ippeis Cloud Computing Presentation(Tokyo2.0)
ippei_suzuki
 
Building Applications For The Cloud
Building Applications For The CloudBuilding Applications For The Cloud
Building Applications For The Cloud
Toddy Mladenov
 
The Move to the Cloud for Regulated Industries
The Move to the Cloud for Regulated IndustriesThe Move to the Cloud for Regulated Industries
The Move to the Cloud for Regulated Industries
dirkbeth
 
Cloud Connect
Cloud ConnectCloud Connect
Cloud Connect
ctrlsblog
 
Layer 7: Cloud Security For The Public Sector
Layer 7: Cloud Security For The Public SectorLayer 7: Cloud Security For The Public Sector
Layer 7: Cloud Security For The Public Sector
CA API Management
 
Ca today here and_now_martin_vajda
Ca today here and_now_martin_vajdaCa today here and_now_martin_vajda
Ca today here and_now_martin_vajda
mvajda62
 
When where why cloud
When where why cloudWhen where why cloud
When where why cloud
reshmaroberts
 
When Where Why Cloud
When Where Why CloudWhen Where Why Cloud
When Where Why Cloud
reshmaroberts
 
Cloud adoption fails - 5 ways deployments go wrong and 5 solutions
Cloud adoption fails - 5 ways deployments go wrong and 5 solutionsCloud adoption fails - 5 ways deployments go wrong and 5 solutions
Cloud adoption fails - 5 ways deployments go wrong and 5 solutions
Yevgeniy Brikman
 
Advanced Malware Analysis Training Session 3 - Botnet Analysis Part 2
Advanced Malware Analysis Training Session 3 - Botnet Analysis Part 2Advanced Malware Analysis Training Session 3 - Botnet Analysis Part 2
Advanced Malware Analysis Training Session 3 - Botnet Analysis Part 2
securityxploded
 
Duck Hunter - The return of autorun
Duck Hunter - The return of autorunDuck Hunter - The return of autorun
Duck Hunter - The return of autorun
Nimrod Levy
 
Nimrod duck hunter copy
Nimrod duck hunter   copyNimrod duck hunter   copy
Nimrod duck hunter copy
Nimrod Levy
 
AktaionPPTv5_JZedits
AktaionPPTv5_JZeditsAktaionPPTv5_JZedits
AktaionPPTv5_JZedits
Rod Soto
 
CYBER INTELLIGENCE &amp; RESPONSE TECHNOLOGY
CYBER INTELLIGENCE &amp; RESPONSE TECHNOLOGYCYBER INTELLIGENCE &amp; RESPONSE TECHNOLOGY
CYBER INTELLIGENCE &amp; RESPONSE TECHNOLOGY
jmical
 
P5 cloud economics_v1
P5 cloud economics_v1P5 cloud economics_v1
P5 cloud economics_v1
Mohd Shaharimi Saliman (Shah)
 
nullcon 2011 - Chupa Rustam
nullcon 2011 - Chupa Rustamnullcon 2011 - Chupa Rustam
nullcon 2011 - Chupa Rustam
n|u - The Open Security Community
 
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
Amazon Web Services
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
Mark Frydenberg
 
Drupal in the Cloud with Windows Azure
Drupal in the Cloud with Windows AzureDrupal in the Cloud with Windows Azure
Drupal in the Cloud with Windows Azure
Ford AntiTrust
 

Similar to The Cloud Cube (20)

Cloud Segmentation(White)
Cloud Segmentation(White)Cloud Segmentation(White)
Cloud Segmentation(White)
 
Ippeis Cloud Computing Presentation(Tokyo2.0)
Ippeis Cloud Computing Presentation(Tokyo2.0)Ippeis Cloud Computing Presentation(Tokyo2.0)
Ippeis Cloud Computing Presentation(Tokyo2.0)
 
Building Applications For The Cloud
Building Applications For The CloudBuilding Applications For The Cloud
Building Applications For The Cloud
 
The Move to the Cloud for Regulated Industries
The Move to the Cloud for Regulated IndustriesThe Move to the Cloud for Regulated Industries
The Move to the Cloud for Regulated Industries
 
Cloud Connect
Cloud ConnectCloud Connect
Cloud Connect
 
Layer 7: Cloud Security For The Public Sector
Layer 7: Cloud Security For The Public SectorLayer 7: Cloud Security For The Public Sector
Layer 7: Cloud Security For The Public Sector
 
Ca today here and_now_martin_vajda
Ca today here and_now_martin_vajdaCa today here and_now_martin_vajda
Ca today here and_now_martin_vajda
 
When where why cloud
When where why cloudWhen where why cloud
When where why cloud
 
When Where Why Cloud
When Where Why CloudWhen Where Why Cloud
When Where Why Cloud
 
Cloud adoption fails - 5 ways deployments go wrong and 5 solutions
Cloud adoption fails - 5 ways deployments go wrong and 5 solutionsCloud adoption fails - 5 ways deployments go wrong and 5 solutions
Cloud adoption fails - 5 ways deployments go wrong and 5 solutions
 
Advanced Malware Analysis Training Session 3 - Botnet Analysis Part 2
Advanced Malware Analysis Training Session 3 - Botnet Analysis Part 2Advanced Malware Analysis Training Session 3 - Botnet Analysis Part 2
Advanced Malware Analysis Training Session 3 - Botnet Analysis Part 2
 
Duck Hunter - The return of autorun
Duck Hunter - The return of autorunDuck Hunter - The return of autorun
Duck Hunter - The return of autorun
 
Nimrod duck hunter copy
Nimrod duck hunter   copyNimrod duck hunter   copy
Nimrod duck hunter copy
 
AktaionPPTv5_JZedits
AktaionPPTv5_JZeditsAktaionPPTv5_JZedits
AktaionPPTv5_JZedits
 
CYBER INTELLIGENCE &amp; RESPONSE TECHNOLOGY
CYBER INTELLIGENCE &amp; RESPONSE TECHNOLOGYCYBER INTELLIGENCE &amp; RESPONSE TECHNOLOGY
CYBER INTELLIGENCE &amp; RESPONSE TECHNOLOGY
 
P5 cloud economics_v1
P5 cloud economics_v1P5 cloud economics_v1
P5 cloud economics_v1
 
nullcon 2011 - Chupa Rustam
nullcon 2011 - Chupa Rustamnullcon 2011 - Chupa Rustam
nullcon 2011 - Chupa Rustam
 
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Drupal in the Cloud with Windows Azure
Drupal in the Cloud with Windows AzureDrupal in the Cloud with Windows Azure
Drupal in the Cloud with Windows Azure
 

Recently uploaded

Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
CAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on BlockchainCAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on Blockchain
Claudio Di Ciccio
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
SitimaJohn
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Things to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUUThings to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUU
FODUU
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
Daiki Mogmet Ito
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 

Recently uploaded (20)

Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
CAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on BlockchainCAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on Blockchain
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Things to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUUThings to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUU
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 

The Cloud Cube

  • 1. The Benefits of the Clouds or Avoiding The Cloud Trap! Adrius42 Recording some of the Jericho Forum thinking as it is Thunk!
  • 2. F I R S T C L A S S I F Y Y O U R D A T A !!! Determine what rules MUST apply to it. Must it only exist in specific trust levels? Then decide to which type of For example can it leave Europe? Does it have to stay in Safemove Cloud you want to Harbours? Must it stay in Europe? We need a universal data classification model that is simple (cf G8 TLP) We need a recognised trust level standard for all aspects of computing We need standardised meta data that signals to “cloud security” the data’s security needs
  • 3. Then decide do you want to move to the Clouds
  • 4. To Cloud or Not to Cloud? Traditional Clouds
  • 5. Then decide what data you want to allow in the Clouds
  • 6. With what degree of translucency
  • 7. For all Clouds are not equal... <<<< Same old Traditional Approach Massively Scalable Manual System Recovery Fully automated Tapes sent by Truck System Redundancy Data Backup and Fully automated Recovery variable risk Data Backup and Self owned Disk Storage Recovery Data Redundancy ...sometimes Fully automated Data Redundancy Warmish Back up Data Centre For Disaster Recovery Fully automated Significant switching impact Disaster Recovery And testing costs Full on Clouds this way >>>>>
  • 8. Then decide what level you want to operate in the Clouds
  • 9. Cloud Layers Outcome / Value Security and IdAM Ab s tr a c t Io n o cc u r s h er e! Last! Orchestration Process 3rd Software 2nd Platform 1st Infrastructure
  • 10. Then decide to which form of Cloud you want to move
  • 13. Cloud Forms External Internal Proprietary Open
  • 14. Cloud Forms To get through here you need a Collaboration Oriented Architecture and the Jericho Forum Commandments Deperimeterised Perimeterised
  • 15. Cloud Forms External Deperimeterised Internal Perimeterised Proprietary Open
  • 16. Cloud Forms External Deperimeterised Internal Perimeterised Proprietary Open We need inter cloud “IPI” standards... especially those that enable Collaboration. IPI=“Information Programming Interface” There has to be a better name!!!
  • 17. Cloud Patterns External Deperimeterised Internal Perimeterised Proprietary Open Recognise some pathways between Clouds will be easier to enable than others!
  • 18. Cloud Patterns External Deperimeterised Internal Perimeterised Proprietary Open
  • 19. ...and ”then” ensure the controls you require are available in the Clouds... ...Oops!!! You mean “Cloud Security Central” doesn’t exist?
  • 20. Cloud Layers Outcome / Value Security and IdAM Ab s tr a c t Io n o cc u r s h er e! Last! Orchestration Process 3rd Software 2nd Platform 1st Infrastructure Cloud Maturity Scale
  • 21. We haven’t even identified all the needs yet. Bread Crumb Detector Bread Crumb Hoover Cloud Identity Services and their Providers What about Trust Levels?
  • 22. Proposed Individual Trust Levels Trust Intent Impact Trust Level Authentication Physical Level Label Activity World equiv T0 Stay None Anonymous None - Unidentified T1 Self Insignificant Self Asserted None Pseudonym Assertion* T2 Proof Minor Document Verified Authenticated: Proof of Abode of Identity Name, Address, Age Electricity Bill T3 T2+ Ability Major Legally/ Financially Authenticate Credit Credit Card to Commit Verified Worthiness and / Pay Payment Method 1Pay* Ability to Pay Varied Single use Authenticate Credit a single Financially Worthiness and Single Cash transaction Verified Use Payment Method T4 T2+ Material Government Government Passport Gov Id Verified T5 Protect Catastrophic Military Grade Positive Vetting Security Lives Clearance *1Pay: Can be appended to any Trust Level