More from Vladimir Jirasek (16)
Cloud security and security architecture
- 2. Agenda
• Cloud risk assessment compared to traditional risk assessments
• Cloud security architectures compared to security architectures
• CSA domains
Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
- 3. Cloud risk assessment
Diagram of the cloud risk assessment process, with these steps:
• Identify assets
• Context establishment
• Map the data flows
• Evaluate assets
• Risk communication
• Risk assessment
• Evaluate Cloud deployment models and Providers
• Map to Cloud models
• Risk treatment
- 4. Cloud model
Characteristics:
• Broad network access
• Rapid elasticity
• Measured service
• On-demand service
• Resource pooling
Delivery models:
• Software as a Service (SaaS)
• Platform as a Service (PaaS)
• Infrastructure as a Service (IaaS)
Deployment models:
• Public
• Private
• Hybrid
• Community
- 5. Cloud computing deployment models

| Model | Infrastructure managed by | Infrastructure owned by | Infrastructure located | Accessible and consumed by |
|---|---|---|---|---|
| Public | Third party provider | Third party provider | Off-premise | Untrusted |
| Private/Community | Organisation or 3rd party provider | Organisation or 3rd party provider | On-premise or Off-premise | Trusted |
| Hybrid | Both Organisation & Third party provider | Both Organisation & Third party provider | Both On-premise & Off-premise | Trusted & Untrusted |
- 6. Cloud model maps to Security model
Diagram: the cloud model maps ("Direct map") to the layers of the security model:
• GRC
• Business continuity
• SIEM
• Data security
• Identity, Access
• Cryptography
• Application sec.
• Host security
• Network security
• Physical security
- 7. Responsibilities for areas in security model compared to delivery models
Diagram: for each delivery model (IaaS, PaaS, SaaS), the security model layers are marked as "Provider responsible" or "Customer responsible". Layers shown:
• GRC
• Business continuity
• SIEM
• Identity, Access
• Cryptography
• Data security
• Application sec.
• Host security
• Network security
• Physical security
- 8. Cloud Security Domains
Governance:
• Governance and Enterprise Risk Management
• Legal Issues: Contracts and Electronic Discovery
• Compliance and Audit
• Information Management and Data Security
• Portability and Interoperability
Operational:
• Traditional Security, Business Continuity and Disaster Recovery
• Data Center Operations
• Incident Response, Notification and Remediation
• Application Security
• Encryption and Key Management
• Identity and Access Management
• Virtualization
• Security as a Service
- 9. Cloud Security Alliance supports a number of projects related to cloud
Get involved at https://cloudsecurityalliance.org/research/
- 10. How to manage cloud security
• Have a cloud security standard
• What to do on an Enterprise level
• Before your Cloud project
• During your Cloud project
• BAU
• Exit from the Cloud provider
• Risks cannot be outsourced
• Manage lock-in and exit up-front – especially in SaaS
Sidebar: How to drive out the 'seven deadly sins' of cloud computing - new Information Security Forum report
- 11. Contact
Help us secure cloud computing – Get involved
• http://cloudsecurityalliance.org.uk
• info@cloudsecurityalliance.org.uk
• LinkedIn: http://www.linkedin.com/groups/Cloud-Security-Alliance-UK-Chapter-3745837
• Twitter: @CSAUKResearch
Editor's notes
- Do visit the website. Do join the LinkedIn Groups – you will receive regular email updates.