Sowing Trust in the CLOUD
Oscar López
R&D&I Area
XV Jornadas de Seguridad NEXTEL S.A.
27/06/2013
SEED4C. Sowing Trust in the CLOUD
CLOUD services
IaaS PaaS SaaS
Cloud provider
Cloud customer
Are IT security and cost savings possible together?
• Project coordination: Alcatel-Lucent Bell Labs
• Start: April 2012
• End: September 2014
• Duration: 30 months
• 4 countries: Finland, France, Korea and Spain
• How to increase trust in Cloud Services?
Up to 80% of problems may be solved with protected execution and proper policy enforcement.
• Can we “plant” SEEDs in the Cloud to increase trust?
Building a Trusted Cloud Computing Base (TCCB), based on a Cloud of minimal Trusted Computing Bases: the SEEDs managed by the NoSE
• Security Embedded Element and Data Privacy for Cloud infrastructures
Introduction of NoSE: Network of Secure Elements
• SEED4C. Concept
• Deliver Trusted Services in a multi-node Trusted Cloud Execution Environment
Diagram labels: Policy Execution; Trusted Execution; Trust & Assurance; Network; Servers; more…
• And deliver End to End security to users
Diagram labels: SECURITY PLANE / NoSE; USER’S DEVICE; END to END TRUSTED SERVICES; User’s SEED enrolled in NoSE; Trust & Assurance
• In a multi-party, policy-driven architecture
Diagram labels: Infra Provider; SaaS Provider; PaaS Provider; Device Provider; User / Tenant
• And provide compliance and evidence
• Logs and audit features enforced by the NoSE
• Change Management of the Trusted Architecture tracked down thanks to the NoSE and central management
• Change workflow may also be enforced by trusted actors
• Research challenges
• How to distribute the secure elements within an infrastructure so that they provide added value to the platform and the services.
• How to achieve secure load balancing and communication among the secure elements (SE) and from them to the integrated machines.
• How to address policy enforcement (centered on Identity and Privacy), traceability and assurance of the end services.
• Added value
• SEEDs planting: Granularity
– Network, hypervisors, servers, storage, devices
– Strategic places IaaS, PaaS, SaaS
• Multiple form factors required to match physical constraints
– Secure Embedded Elements, TPM, Software in a TEE, Dedicated VM, OS Component
• Network of Secure Elements (NoSE)
– Communication protocols across SEEDs
• Scalability of the architecture
• Enrollment & Lifecycle of equipment, VMs, SEEDs in the NoSE
– Enroll equipment, attach them to SEEDs
• Credential management
• Mapping of the use cases
Diagram layers: NetaaS, PaaS, IaaS, SaaS, NoSE, Client Access Device
1: BYOD / protection of corp data
2: Airport equipment Mgt.
3: HSM+Key Ceremony
4: Enterprise Collaboration
5: ePayment, PCI/DSS
6: IAM Auth + Auditing
7: Security at IaaS Level
8: Monitoring Security at PaaS Layer
9: Admin Access & Audit management/logs
10: Telco Services in the cloud, multi tenancy protection
11: eGov. Services, Data protection
12: SVPDC, Virtual Data Center management
• eGovernment services data protection
Before SEED4C:
• Security solutions based on independent, proprietary elements to secure data in the cloud
After SEED4C:
• Enhanced security related functionality to control, access and store protected data in the cloud
• Adopt the seeds developed for the e-Government service to manage and store this protected data in their own infrastructure
• Add more layers of security using a network of secure elements: Compliance, Traceability and Auditability.
• Centralized cloud services for airport management
Before SEED4C:
• Security solutions based on independent, proprietary elements to secure data in the cloud
After SEED4C:
• Enhanced security related functionalities
• Add more layers of security using a network of secure elements
• Provide an interconnected NoSE, generating a trusted network that provides a layer of security to the entire system: Compliance, Traceability and Auditability.
• Security properties
Thank you very much!
XV Jornadas de Seguridad NEXTEL S.A.
27/06/2013
Oscar López
R&D&I Area
Follow us on social networks!

