1 / 14

A Security Approach In The Cloud

DPS Class of 2012 – Team 2. Rick Rodin Dwight Bygrave Evgeni Sadovski Maria Azua. A Security Approach In The Cloud. 1. Two Key Trends. Acceleration of technology adoption. Decreasing cost of Information. Time to 60M Users. 40 years. Radio. TV. 20 years. Internet. 3 years.

lara
Télécharger la présentation

A Security Approach In The Cloud

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DPS Class of 2012 – Team 2 Rick Rodin Dwight Bygrave Evgeni Sadovski Maria Azua A Security Approach In The Cloud 1

  2. Two Key Trends Acceleration of technology adoption Decreasing cost of Information Time to 60M Users 40 years Radio TV 20 years Internet 3 years 4 months! Farmville 2 * Figueres from The Social Factor by Maria Azua

  3. What is Cloud Computing and how we got here? (Virtualized, Abstraction Layer, Image standardization, Services Driven, Utility model) Public Clouds Private Cloudds Hybrid Clouds (Peer-to-Peer architctue, No Abstraction layer) Compute Grid Data Grid Service Grid Application Grid Clouds Grids Virtualization, Images Clusters (Physical wiring of multiple computers) High Performance clusters High Availability clusters Provisioning, Service Catalog Elasticity. Virtual Network Management/Billing System • Diagram from Pankaj Deep Kaur, I.C.: ‘Unfolding the Distributed Computing Paradigms 3 • Diagram from IBM cloud presentation

  4. Cloud Computing enables economies of scale Unit cost Traditional Infrastructure Service Provider Cloud (cost) Internal Cloud Scale Large enterprises can significantly reduce costs for some workloads compared with traditional IT. 4 • Diagram from IBM cloud presentation

  5. Standardization and Automation have changed many other industries become more efficient. Telcos automate traffic through switches to assure service and lower cost. Manufacturers use robotics to improve quality and lower cost. Banks use automated teller machines to improve service and lower cost. … breakthroughs like these are enabled by service management systems. 5 • Diagram from IBM cloud presentation

  6. Cloud Computing technology enables low cost IT which made possible the creation of new Social Networking “clouds” Social Networks Facebook, YouTube % of Time Spent, Worldwide Informational / Services Yahoo, MSN, Google Yahoo MSN Google YouTube Facebook 6 * Figuere from The Social Factor by Maria Azua

  7. Byproduct of low cost communication and Cloud Computing The World is connected…. And more vulnerable to internet security attacks than ever before… 7 * Figuere from The Social Factor by Maria Azua

  8. Image Mangement Life Cycle Unsecure Process Secure Image management system Benefits / Value • Strict registration process. • Filter for publisher’s personal information like browser log files & cookies. • Verifies Signature • Monitors for Trojan horse and other malware patterns • Role base and ACL access control * Diagram from Jinpeng Wei, Xiaolan Zhang, Vasanth Bala, and Ning, P.: ‘Managing Security of Virtual Machine Images in a Cloud Environment’

  9. Quantum Computing • Traditional Computing • Computes in a linear fashion • Computation done by microprocessors one computation at a time • Push to have many tasks process at once (Parallel Computing) • Parallel Computing • Many calculations are carried out simultaneously • Major tasks are divided into smaller ones and processed at once • This would allow for enormous leaps in the world of computing • Essence of Quantum Computing • A computer must be able to store information as strings of 1’s and 0’s (Bits). • A computer must be able to manipulate the stored bits per given instructions. • NOT OR and AND Gates. • The operating environment must be completely protected from radiation, magnetic and electric fields as well as noise and motion. 9

  10. Quantum Key Distribution (QKD) Classical Cryptography (becoming vulnerable) • Secret or symmetric key cryptography • Public key cryptography or asymmetric cryptography Important Quantum Properties • Principle of Superposition • Heisenberg Uncertainty Principle • Quantum Entanglement

  11. Quantum Key Distribution (QKD) • 1984Charles Bennett and Gilles Brassard Protocol (BB84) • Photon polarization state to encode 0’s and 1‘s at 0o or 90o in the rectilinear base or 45o and 135oin a diagonal base. • 1992 Charles Bennett (B92) • Only two of the four states mentioned are necessary for B92

  12. Quantum Key Distribution (QKD) System • The most basic QKD system involves: • A sender(Alice) and receiver (Bob), • A quantum channel and a • Conventional communication channel. • Then you might encounter (Eve) the eavesdropper. 12

  13. ITILService Transition Source: ITIL Service Transition

  14. We need a Release Management process that leverages QKD Conclusion • Integrity of the modules (Cloud Images) • Track, Install, Verify and Validate deployed modules • Manage deviations • Risk: Breach in physical/information security • Security depends on VPN • Secure key exchange required

More Related