The Future of Cloud Computing: Thursday, September 1, 11

1
The Future Of Cloud Computing

Thursday, September 1, 11
::Setting Some Context

Cloud Computing is a natural, disruptively
innovative and timely opportunistic
response to a converging set of socioeconomic, political, cultural and
technological stimuli*
*Its also a really good marketing job...
::Setting Some Context
Cloud is an adaptive operational model,

not a particular technology and there are
lots of different types of Clouds.
::The Technicians Definition

VisualModelOfNISTWorkingDeniEonOfCloudCompuEng
h7p://www.csrc.nist.gov/groups/SNS/cloudcompu2ng/index.html
Broad
NetworkAccess
RapidElasEcity
MeasuredService
OnDemand
SelfService
ResourcePooling
So5wareasa
Service(SaaS)
Public
Pla:ormasa
Service(PaaS)
Private
Hybrid
Infrastructureasa
Service(IaaS)
Community
Essen2al
Characteris2cs
Delivery
Models
Deployment
Models
:: The Consumers Definition
Everything Is Cloud...
::Key Ingredients In Cloud

Abstraction of Infrastructure
Resource Democratization
Services Oriented
Self-Service
On-Demand Elasticity/Dynamism With a Utility
Model Of Consumption & Allocation
:: Weve Been Here Before...

Mobility
Display
Compute
Mainframes
Data
Bandwidth
The Cloud
Centralized
Web2.0
Unreliable/Slow
Reliable/Fast
buted
ri
y Dist
Mostl
Mostly Reliable/Fast
ed
iz
entral
C
y
l
t
s
Mo
Distributed
Web1.0
Client/Server
More Reliable/Faster
:: The SPI Model

Three delivery models that people talk about about
when they say Cloud:
Software as a Service
End
Users
(SaaS)
Platform as a Service
Developers
(PaaS)
Infrastructure
as a Service
System
(IaaS)
Adminstrators
What Do These
Look Like?
IaaS Security :: Guest/Host-Based

Data
OS & Applications
Consumer
VMs/Containers
APIs
Abstraction
Hardware
Facilities
IaaS
Infrastructure as a Service (IaaS)
Core Connectivity & Delivery
Provider
Provider secures their

infrastructure to maximize
availability & multi-tenancy
Remainder of the stack (and
confidentiality, integrity) is
your problem
General focus is on VMs &
Guest-Based
PaaS Security :: Programmatic

Provider owns the compute,
network, storage layers &
programmatic interface security
Data
Consumer
Applications
Provider
Integration & Middleware
Abstraction
Hardware
Facilities
PaaS
Platform as a Service (PaaS)
Writing secure applications and

ensuring your data is safe is your
responsibility
APIs
The consumer creates the

applications based upon
supported development
environment
SaaS Security :: All or Nothing

Presentation
Modality
Presentation
Platform
The Provider Owns the Entire

Stack
APIs
Applications
Data
Metadata
Content
Provider
Security (C, I and A) Become

A Contract Negotiation
Hardware
Facilities
SaaS
Software as a Service (SaaS)
Abstraction
APIs
Traditional Security &

Compliance Functions Are
More Administrative & PolicyFocused
:: What This Means To Security

Provider
Data
Consumer
Data
OS & ApplicationsBuild
Consumer
It In
Presentation
Modality
Presentation
Platform
APIs
Contract It In
Applications
Applications
VMs/Containers
Data
Metadata
Content

APIs
APIs
Facilities
IaaS
Facilities
PaaS
Abstraction
Hardware
Facilities
SaaS
Software as a Service (SaaS)
Hardware
Abstraction
Provider
Hardware
Provider
Abstraction
APIs
13
:: The Punchline
In The Simplest Of Terms, Using Cloud
Means Imagining Applications & Information
Across All Tiers Have The Potential To Be
Connected Directly To The Internet...
We Cant Trust The Provider, So We Must
Engineer Security Into Design Patterns
Across The Entire Stack
Any Dumb Component In The Stack
Compromises The Integrity Of the Entire
Stack...
APIs, Intelligence and Automation
EVERYWHERE
All About Gracefully Giving Up Direct

Operational Control Over Infrastructure
It All Comes Down To Trust...

16
Toward A Secure Cloud Future...

Journey To the Cloud Made Simple

Cloud Brokers
Virtualized
Data Centers
Stand-Alone
Data Centers
Private Cloud
Public Cloud
Virtual
Private Cloud
Intercloud
Hybrid Clouds
Federation / Workload Portability / Interoperability

18
Simple, Right?
19
Lets Ask The Magic Cloud 8-Ball
20
Is Cloud
Is ThisAAMajor
MajorShift
Shift?
In IT?
21
Will Everything Move To The

Cloud?
22
Is All We Know & Do

Today In Security
Worthless In Cloud?
23
Is The Cloud More Secure?

24
Without Context, Silly Question

25
More Secure Than What?

26
Can We Trust The Cloud?
27
So I Have Options Today?
28
So, Whats The Future Of Cloud?

29

30

31

id*#,bâa^dc^c'%&(#
::The Internet Of
Things
&Igâa^dc
8dccZXiZY9Zk^XZh
&Igâa^dc
&)%XdccZXiZY
YZk^XZheZgeZghdc
*%%bâa^dc
&$&%i]d[VXdccZXiZY
YZk^XZeZgeZghdc
(*Wâa^dc
*XdccZXiZY
YZk^XZh
eZgeZghdc
HdjgXZ/;dggZhiZg
GZhZVgX]!8^hXdVcVanh^h
[dgZXVhid['%&(
Vhhjb^c\Xdch^hiZci
\gdli]igZcYh
&!*%%!%%%
idiVabdWâZ
6eea^XVi^dch
(%%%
idiVabdWâZ
Veea^XVi^dch
ldgaYl^YZ
'+*!%%%
idiVabdWâZ
Veea^XVi^dch
ldgaYl^YZ
HdjgXZ/L^cYdlh
BdWâZ!Bdg\VcHiVcaZn!
8^hXdVcVanh^h[dgZXVhi
d['%&(Vhhjb^c\
Xdch^hiZci\gdli]igZcYh
HZXjgînI]gZVih
Veea^XVi^dch
ldgaYl^YZ
*!,%%!%%%
hZXjgîni]gZVih
+')!%%%
hZXjgîni]gZVih
'!+%%!%%%
hZXjgîni]gZVih
Cisco 2010 Mid-Year Security Report

'%%,
HdjgXZ/HnbVciZX!
8^hXdVcVanh^h[dgZXVhi
d['%&(Vhhjb^c\
Xdch^hiZci\gdli]igZcYh
'%&%
'%&(
33
There Are ~4,100,000,000 Of

These....
34
...and 6,797,100,000 Of These

*http://en.wikipedia.org/wiki/List_of_countries_by_number_of_mobile_phones_in_use
35
So While
Mega Data
Centers ReCentralize
Our Apps &
Data In Fewer
& Fewer
Locations
Thanks to
Cloud...
36
These Little devices -Distributed Everywhere

-- Have Amazingly
Powerful Processors,
Lots Of Memory, NearUbiquitous Connectivity
and Native Apps &
Data...
37
The Consumption Modality Will Ultimately Become

More Important Than The Back-End Delivery
Mechanism
38
How Will You Choose What To Protect &

Where Will You Choose To Invest To Protect It?
39
The Eight Things That Matter (Again)

Open Standards & APIs
Programmability & Automation
Evolution of Name Spaces & Registries
Transparency & Visibility
{Id}Entity and Authentication
Mobility
Privacy & Law
Information Centricity & System Survivability
40
What Does That Mean?

41
Abstraction As Distraction
Cloud is a fantastic forcing function, lets embrace it!
Stay grounded: think globally, act locally
The Cloud is De-Perimeterization...amplified
Plan for FAIL | Re-architecting Means: Information Centricity & Survivability
Public, Private, Hybrid? : All comes down to trust models
Cloud is an iteration of a platform and an operational model, approach it
as such and manage risk appropriately
Focus on the data. Its what were all concerned with in the first
place.
42
So What Will Cloud Bring

Tomorrow?
43
Does It Really
Matter?
44
What Are You Doing

To Secure What You
Have Today?
45
So, Can We Trust The Cloud?
46
Can You Afford Not To?
47
Find Out:
www.cloudsecurityalliance.org
http://www.enisa.europa.eu

The Future of Cloud Computing: Thursday, September 1, 11

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

The Future of Cloud Computing: Thursday, September 1, 11

Uploaded by

Copyright:

Available Formats

1

The Future Of Cloud Computing

::Setting Some Context

::Setting Some Context

Cloud is an adaptive operational model,

::The Technicians Definition

:: The Consumers Definition

::Key Ingredients In Cloud

:: Weve Been Here Before...

:: The SPI Model

IaaS Security :: Guest/Host-Based

Infrastructure as a Service (IaaS)

Core Connectivity & Delivery

Provider secures their

PaaS Security :: Programmatic

Integration & Middleware

Core Connectivity & Delivery

Platform as a Service (PaaS)

Writing secure applications and

Infrastructure as a Service (IaaS)

The consumer creates the

SaaS Security :: All or Nothing

The Provider Owns the Entire

Integration & Middleware

Security (C, I and A) Become

Software as a Service (SaaS)

Platform as a Service (PaaS)

Core Connectivity & Delivery

Infrastructure as a Service (IaaS)

Traditional Security &

:: What This Means To Security

Integration & Middleware

Software as a Service (SaaS)

Core Connectivity & Delivery

Platform as a Service (PaaS)

Platform as a Service (PaaS)

Core Connectivity & Delivery

Infrastructure as a Service (IaaS)

Core Connectivity & Delivery

Infrastructure as a Service (IaaS)

All About Gracefully Giving Up Direct

It All Comes Down To Trust...

Toward A Secure Cloud Future...

Journey To the Cloud Made Simple

Federation / Workload Portability / Interoperability

Lets Ask The Magic Cloud 8-Ball

Will Everything Move To The

Is All We Know & Do

Is The Cloud More Secure?

Without Context, Silly Question

More Secure Than What?

Can We Trust The Cloud?

So I Have Options Today?

So, Whats The Future Of Cloud?

So, Whats The Future Of Cloud?

So, Whats The Future Of Cloud?

So, Whats The Future Of Cloud?

Cisco 2010 Mid-Year Security Report

There Are ~4,100,000,000 Of

...and 6,797,100,000 Of These

These Little devices -Distributed Everywhere

The Consumption Modality Will Ultimately Become

How Will You Choose What To Protect &