Www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance Trusted Cloud Initiative Work Group Session.

Slides:

Advertisements

Similar presentations

Connected Health Framework

Advertisements

1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary December 2010 Irvine, CA – PWG Meeting Ira McDonald (High.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

Pros and Cons of Cloud Computing Professor Kam-Fai Wong Faculty of Engineering The Chinese University of Hong Kong.

Cloud Security Alliance Research & Roadmap June 2012

System Center 2012 R2 Overview

BENEFITS OF SUCCESSFUL IT MODERNIZATION

Strategy 2022: A Holistic View Tony Hayes International President ISACA © 2012, ISACA. All rights reserved.

Delivering Mission Agility Through Agile SOA Governance 13 th SOA e-Government Conference 4/12/2012 Presented by Wolf Tombe Chief Technology Officer (CTO)

Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.

Web Services, SOA and Security May 11, 2009 Michael Burnett.

1 DCS860A Emerging Technology Physical layer transparency in Cloud Computing (rev )

IT Governance: Simultaneously Empowers and Controls Source: IT Governance, Chapter 1.

July 8-9, 2014 | Ronald Reagan Building | Washington, DC Federal Cloud Computing Summit Dr. Barry C. West Cloud Tools and Integration.

Standards for Shared ICT Jeju, 13 – 16 May 2013 Gale Lightfoot Senior Staff Program Manager, Office of the CTO, SPB Cisco ATIS Cybersecurity Standards.

LEVERAGING THE ENTERPRISE INFORMATION ENVIRONMENT Louise Edmonds Senior Manager Information Management ACT Health.

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

Open Cloud Sunil Kumar Balaganchi Thammaiah Internet and Web Systems 2, Spring 2012 Department of Computer Science University of Massachusetts Lowell.

Plan Introduction What is Cloud Computing?

SOA – Development Organization Yogish Pai. 2 IT organization are structured to meet the business needs LOB-IT Aligned to a particular business unit for.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

DuraCloud Managing durable data in the cloud Michele Kimpton, Director DuraSpace.

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

© Cloud Security Alliance, 2015 Sean Cordero, Chair CCM Laura Posey, Chair CAIQ.

What is Enterprise Architecture?

Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.

SECURITY Is cloud computing secure? Are Microsoft Online Services secure? Is cloud computing secure? Are Microsoft Online Services secure? PRIVACY What.

WHEN TITLE IS NOT A QUESTION N O ‘WE CAN’ WHEN TITLE IS NOT A QUESTION N O ‘WE CAN’ WHEN TITLE IS NOT A QUESTION N O ‘WE CAN’ Identity and Privacy: the.

1 Multi Cloud Navid Pustchi April 25, 2014 World-Leading Research with Real-World Impact!

Cloud services security Prof. Manel Medina Head of Unit CERT Operations support ENISA

Risk Management & Legal Issues in Cloud Practice Christopher Dodorico Director, PricewaterhouseCoopers Wednesday, October 10, 2012.

E-Authentication: Enabling E-Government Presented to PESC May 2, 2005 The E  Authentication Initiative.

Plan  Introduction  What is Cloud Computing?  Why is it called ‘’Cloud Computing’’?  Characteristics of Cloud Computing  Advantages of Cloud Computing.

LiquiData Platform Unleashes Powerful Cloud Analytics Capabilities with Integrated Reporting and Visualization from Diverse Sources of Data COMPANY PROFILE:

© Cloud Security Alliance, 2015 Evelyn de Souza Chair Cloud Security Alliance Data Governance Chair/ Data Privacy and Compliance Leader Cisco Systems.

Cloud Security: Critical Threats and Global Initiatives Jim Reavis, Executive Director July, 2010.

Promoting excellence in social security Building on sector wide commonalities to enhance the benefits of Information.

Scalable Trust Community Framework STCF (01/07/2013)

Jacques Bus Head of Unit, DG INFSO-F5 “Security” European Commission FP7 launch in the New Member States Regional on-line conference 22 January 2007 Objective.

University of Washington Collaboration: Identity and Access Management Lori Stevens University of Washington October 2007.

PRIVACYRELIABILIT Y SECURITY Secures against attacks Protects confidentiality, integrity, and availability of data and systems Helps manage risk Protects.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

© Cloud Security Alliance, 2015 Sean Cordero, Chair CCM.

The NIST Special Publications for Security Management By: Waylon Coulter.

© Cloud Security Alliance, 2015 Sean Cordero, Chair CCM.

HHS Security and Improvement Recommendations Insert Name CSIA 412 Final Project Final Project.

Security Policy and Key Management Centrally Manage Encryption Keys - Oracle TDE, SQL Server TDE and Vormetric. Tina Stewart, Vice President.

Agenda VA’s Transformation Continues

EECS David C. Chan1 Computer Security Management Session 1 How IT Affects Risks and Assurance.

ABOUT COMPANY Janbask is one among the fastest growing IT Services and consulting company. We provide various solutions for strategy, consulting and implement.

Copyright © 2009 Trusted Computing Group An Introduction to Federated TNC Josh Howlett, JANET(UK) 11 June, 2009.

L’Oreal USA RSA Access Manager and Federated Identity Manager Kick-Off Meeting March 21 st, 2011.

Security in Research Computing John Sandefur UAB Comprehensive Cancer Center John-Paul Robinson UAB Research Computing.

Clouding with Microsoft Azure

Organizations Are Embracing New Opportunities

ClearAvenue, LLC Headquartered in Columbia, Maryland

Case studies on Authentication, Authorization and Audit in SOA Environments Dr. Srini Kankanahalli.

SMS+ on Microsoft Azure Provides Enhanced and Secure Text Messaging, with Audit Trail, Scalability, End-to-End Encryption, and Special Certifications MICROSOFT.

BOMGAR REMOTE SUPPORT Karl Lankford

Azure Allays Data Security and Privacy Concerns for Solution Provider’s Cloud-Wary Customers “With Microsoft Azure, Jedox can deliver advanced enterprise.

Availability of Enterprise File-Sharing Solution on Azure Extends its Protection to Office 365 “With Microsoft Azure, Axway MailGate provides a comprehensive.

CLOUD COMPUTING SECURITY

ESA Single Sign On (SSO) and Federated Identity Management

20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.

Adra ACCOUNTS: Transaction Matching Software Powered by the Microsoft Azure Cloud That Helps Optimize the Accounting and Finance Processes MICROSOFT AZURE.

The E-Authentication Initiative

Harness the competitive advantages of Power BI and obtain business-critical insights with Adastra’s enterprise analytics platform using Microsoft Azure.

Kovaion Consulting IT Services Portfolio Date : Apr-2015

OU BATTLECARD: Oracle Identity Management Training

Presentation transcript:

Copyright © 2011 Cloud Security Alliance Trusted Cloud Initiative Work Group Session

Copyright © 2011 Cloud Security Alliance

Copyright © 2011 Cloud Security Alliance Use CaseDescription End User to CloudApplications running on the cloud and accessed by end users Enterprise to Cloud to End UserApplications running in the public cloud and accessed by employees and customers Enterprise to CloudCloud applications integrated with internal capabilities

Copyright © 2011 Cloud Security Alliance Define protections that enable trust in the cloud. Develop cross-platform capabilities and patterns for proprietary and open-source providers. Will facilitate trusted and efficient access, administration and resiliency to the customer/consumer. Provide direction to secure information that is protected by regulations. The Architecture must facilitate proper and efficient governance, identification, authentication, authorization, administration and auditability. Centralize security policy, maintenance operation and oversight functions. Access to information must be secure yet still easy to obtain. Delegate or Federate access control where appropriate. Must be easy to adopt and consume, supporting the design of security patterns. The Architecture must be elastic, flexible and resilient supporting multi-tenant, multi-landlord platforms The Architecture must address and support multiple levels of protection, including network, operating system, and application security needs.

Copyright © 2011 Cloud Security Alliance Use the breadth of the Cloud Security Alliance  Adjacent initiatives will be a focus for the TCI mandate  Built upon “pillars” from the Cloud Security Alliance  Provide an end-to-end security specification for cloud security Use the depth of the Cloud Security Alliance membership  Members have credibility from the top of the application to the “bare metal”  GRC and interoperability Enable a vendor neutral reference architecture specification  All vendor products that enable an end-to-end security platform will be used Provide a exemplary reference set of implementations  Global examples so that any country can implement the architecture to their requirements  Show examples of standards and how they can be implemented across products Open source initiative  Where the TCI supports implementation under its direction the implementation is open source Note: The TCI Reference Architecture is not the same as the Cloud Computing Architectural Framework (Domain 1 of the Security Guidance for Critical Areas of Focus in Cloud Computing V2.1)

Copyright © 2011 Cloud Security Alliance CSA Controls Matrix

Copyright © 2011 Cloud Security Alliance CSA Controls Matrix

Copyright © 2011 Cloud Security Alliance

Copyright © 2011 Cloud Security Alliance

Copyright © 2011 Cloud Security Alliance

Copyright © 2011 Cloud Security Alliance Control Mapping Operational Checklists Capability mapping Strategy alignment Use Cases (OSA) Security Patterns Guidelines Vendor Certification Reference Architecture CSA Controls Matrix CSA Consensus Assessment Security Framework and Patterns

Copyright © 2011 Cloud Security Alliance