If you accept
There is an unquenchable thirst for collaboration and sharing
We can work anywhere at any time: a highly mobile workforce
You can work wherever you are: at home, traveling, etc.
Then
How do we achieve mission assurance on the same network?
How do we ensure the network is there when we need it?
What approach should we take?
Mission Assurance
Work anywhere at any time
Sharing, collaboration
Work wherever you are
Cloud Computing
Gartner definition
Characteristics
Private or Public?
Infrastructure-as-a-Service
Platform-as-a-service
Developers need to know that there are currently no standards for
interoperability or data portability in the cloud. Some providers will
not allow software created by their customers to be moved off the
provider's platform.
Software-as-a-service
Because the service provider hosts both the application and the data,
the end user is free to use the service from anywhere.
Benefits
Skilled Vendors: Who would you rather have manage and protect your
data? A company such as InfoStreet (with over 16 years' experience
serving enterprise clients), IBM or Amazon, or your IT staff?
Even playing field for small firms: This allows small companies
to compete more effectively with some of the larger businesses,
balancing the playing field. Your small business can utilize the same
tools that Fortune 100 companies use, because with cloud computing
your business will only pay for what you need.
Reliability
Billing
Programming Env. & Application Dev.
Software Eng.
Complexity
Security
IBM Cloud
Manjrasoft Aneka
Complex decisions to make?
Technique
Basic components
Attacker modeling
Choose what attacker to consider
Attacker motivation and capabilities
Vulnerabilities / threats
Insider?
Malicious employees at client
Malicious employees at Cloud provider
Cloud provider itself
Outsider?
Intruders
Network attackers?
At client
At cloud provider
What?
Can read unencrypted data
Can possibly peek into VMs, or make copies of VMs
Can monitor network communication, application patterns
Why?
Gain information about client data
Gain information on client behavior
Sell the information or use it itself
Why not?
Cheaper to be honest?
Why? (again)
Third party clouds?
What?
Listen to network traffic (passive)
Insert malicious traffic (active)
Probe cloud structure (active)
Launch DoS
Intrusion
Network analysis
Cartography
Confidentiality
Integrity
Data stored in the cloud
Computations performed on the cloud
Availability
Cloud infrastructure
SaaS/ PaaS
Spoofing identity
Repudiation
Information disclosure
Denial of service
Elevation of privilege