Jim Stikeleather Chief Innovation Officer November 22, 2010 Technical Exchange: Defending the Cloud in a Hostile Environment.

Cloud Security Legacy Issues

Security Technology
  – Point solutions, point processes, physicality
  – Standards "nice to have"
  – Interoperability of HW/SW
  – Maginot Line approach
Governments
  – Economic risk / reward balance
  – Jurisdictional conflict (internal and external)
  – Geopolitical boundaries in cyberspace
Enterprise
  – Parochialisms: image; legal; technology; competitive
  – ROI: the Ford Pinto approach
  – Secrecy: Unsafe at Any Speed (Nader), The Jungle (Sinclair)
Individuals
  – Reasonable, rational, prudent
  – Consumerization of IT / reversing the technology innovation flow

Unique to Cloud

The multi-tenant problem
  – Bad news: larger suspect list (insiders) / lowest common denominator
  – Good news: distributed risk on break-in / more focused resources
The role collapse problem
  – Good news: fewer points of intersection (cracks)
  – Bad news: loss of separation of duties
Shared technology
  – Good news: focus on quality; fix once, fixed everywhere
  – Bad news: break once, broken everywhere
Outdated compliance rules
Rewriting applications: stateless / RESTful
Cloud attack factories

Approaches

Model checking, formal methods, and software analysis detect errors and, in the case of very simple systems, rigorously verify behavior as long as the foundational assumptions are correct. Most realistic cyber systems are too complex for rigorous verification, but can benefit from non-exhaustive analysis that will find a few of the straightforward vulnerabilities.

Encapsulation, sandboxing, and virtual machines provide a way to "surround" otherwise unpredictable software, hardware, and networks with software or hardware that is more trusted. A common but often ineffective example is a network firewall.

Complexity science drawing on biological and other analogues is the least exploited but possibly the most promising approach. Biological metaphors are already part of the cyber lexicon: virus, worm, etc. Models of complex cyber systems and their emergent behavior are needed to understand the cybersecurity problem.

Thank you. Jim Stikeleather, Chief Innovation Officer