Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber in the Cloud & Network Enabling Offense and Defense Mark Odell April 28, 2015.

Published byRoger Phillips Modified over 8 years ago

Similar presentations

Presentation on theme: "Cyber in the Cloud & Network Enabling Offense and Defense Mark Odell April 28, 2015."— Presentation transcript:

1 Cyber in the Cloud & Network Enabling Offense and Defense Mark Odell April 28, 2015

2 Agenda Security - need for change What is different Challenges Typical use cases What if… Emerging capabilities

3 Future of Computing Security Predictable? Not really, but opportunity rich! Present situational awareness Cloud, multiple instances with different control and governance models Nearly ubiquitous connectivity Smart phones and wearable devices Automobiles that are online, potentially participating in a mobile office experience

4 In the Clouded World Computing essentially happens everywhere The enterprise has no physical or concrete boundary Different devices participate in the enterprise and user experience Devices may participate in multiple enterprises Distributed Enterprise is the Norm

5 Cloud → Change in IT Security Traditional IT Paradigms under stress Not only about the device, network protection and prevention, or ‘defense in depth’ strategies Our data is everywhere, multi-jurisdictional How to maintain mission resiliency with better IT? Enable both offense and defense Cloud technology ‘abstracts’ reality – interferes with traditional boundary & containment approaches Virtualized network, storage, machines, resources Provides accelerated dynamic response to needs Is flexibility an advantage? It depends….

6 Servers End Devices Multi-Cloud Protected Data Multi-Provider Tough Problems Multi-dimensional platform integrity (compute, storage, network) Deployable ‘STIG-ability’ in the virtual world Dynamic patch management & operations Software defined network Volume management & content protection How to protect sensitive information? No matter where the data is Or what is processing Application authenticity Is the application compromised? Is this the right application?

7 Current Situation – Typical Use Cases We care about financial transactions, medical records, legal documents, detecting fraud, IDAM authenticity, etc. Content confidentiality, assurance, non-repudiation, transactional pedigree, separation of concerns and duties Conventional host based security models Determine identity within trusted governed domain or application Explicit rights in localized context Persona: identity has context, rights defined within domain, different in another domain, rarely identity transferable with assurance (gov’t PKI bridge, cert attributes) E.g. maintaining logon IDs to web sites Host is responsible for identity controlled access Applicable to well controlled contiguous environments Controlled host and network environments are no longer the norm with cloud, ubiquitous networks, global business

8 What if We Had… Offline revocation of credentials Data that knows where it has been Conditional processing data (including multi-factor) Offline content protection that Works anywhere Host independent Next generation electronic signatures Smart signed applications & content More than installation license integrity Run-time integrity

9 What Should we Anticipate? Application trust for multi-jurisdictional transactions and content manipulation Next Gen Certificates mean more than authenticity Implied credentials, membership associations Multi-domain rights adjudication Message payload, context, and forgery resistance Transactional sequencing integrity and assurance Content protection beyond transport and rest Transport ‘man-in-the-middle’ assumes an intercept Endpoint & identity forgery (malware) Content hostage Should an application (or machine) know where it is running to determine trust of the surroundings? Does an application need to travel with its own mini-trusted OS for integrity?

10 Emerging Capabilities Application resiliency Cloud based forensics Legacy application migration Transformation not re-hosting Achieving appropriate continuous security posture Upgrades and enhanced software defined infrastructures (network, compute, and storage) Offense and Defense on agile platforms and environments Maintaining configuration and control over a changing environment and knowing what change is correct - all the time

11 Emerging Capabilities (cont’d) Dynamic Operations, Infrastructures, and Participants Sensitive data sharing across coalition, assured delivery – on a hostile commercial platform Commercial examples Healthcare medical records Financial transactions Content, rights management & IDAM Joint and dynamic coalition partners – smarter data tagging Data is the new platform

12 Questions?

Download ppt "Cyber in the Cloud & Network Enabling Offense and Defense Mark Odell April 28, 2015."

Similar presentations

Network Systems Sales LLC

Network Systems Sales LLC
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
2  Industry trends and challenges  Windows Server 2012: Beyond virtualization  Complete virtualization platform  Improved scalability and performance.

2  Industry trends and challenges  Windows Server 2012: Beyond virtualization  Complete virtualization platform  Improved scalability and performance.
Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.

Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.
Don’t Let Anybody Slip into Your Network! Using the Login People Multi-Factor Authentication Server Means No Tokens, No OTP, No SMS, No Certificates MICROSOFT.

Don’t Let Anybody Slip into Your Network! Using the Login People Multi-Factor Authentication Server Means No Tokens, No OTP, No SMS, No Certificates MICROSOFT.
Built on the Powerful Microsoft Azure Platform, EventsAIR Provides a Turnkey, Robust Technology Solution for Professional Event Organizers MICROSOFT AZURE.

Built on the Powerful Microsoft Azure Platform, EventsAIR Provides a Turnkey, Robust Technology Solution for Professional Event Organizers MICROSOFT AZURE.
Virtual Machine approach to Security Gautam Prasad and Sudeep Pradhan 10/05/2010 CS 239 UCLA.

Virtual Machine approach to Security Gautam Prasad and Sudeep Pradhan 10/05/2010 CS 239 UCLA.
Simple Online Accounts for Your Business – With Help from Microsoft Azure, Big Red Cloud Makes Accounting Easier for Thousands of Businesses MICROSOFT.

Simple Online Accounts for Your Business – With Help from Microsoft Azure, Big Red Cloud Makes Accounting Easier for Thousands of Businesses MICROSOFT.
© 2011 IBM Corporation Smarter Software for a Smarter Planet The Capabilities of IBM Software Borislav Borissov SWG Manager, IBM.

© 2011 IBM Corporation Smarter Software for a Smarter Planet The Capabilities of IBM Software Borislav Borissov SWG Manager, IBM.
With the Help of the Microsoft Azure Platform, Awingu’s Web-Based Workspace Aggregator Enables Concrete and Easy Mobility Scenarios MICROSOFT AZURE ISV.

With the Help of the Microsoft Azure Platform, Awingu’s Web-Based Workspace Aggregator Enables Concrete and Easy Mobility Scenarios MICROSOFT AZURE ISV.
Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,

Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,
Next-Generation Formotus Forms Replace Paper and InfoPath with Mobile Business Applications Created and Deployed Using Microsoft Azure MICROSOFT AZURE.

Next-Generation Formotus Forms Replace Paper and InfoPath with Mobile Business Applications Created and Deployed Using Microsoft Azure MICROSOFT AZURE.
Protect Your Business-Critical Data in the Cloud with SoftNAS, a Full-Featured, Highly Available Solution for the Agile Microsoft Azure Platform MICROSOFT.

Protect Your Business-Critical Data in the Cloud with SoftNAS, a Full-Featured, Highly Available Solution for the Agile Microsoft Azure Platform MICROSOFT.
CSI Software Offers Fully Integrated, Single-Source Enterprise Software for Membership-Based Facilities COMPANY PROFILE: CSI SOFTWARE CSI Software was.

CSI Software Offers Fully Integrated, Single-Source Enterprise Software for Membership-Based Facilities COMPANY PROFILE: CSI SOFTWARE CSI Software was.
Application Policy on Network Functions (APONF) G. Karagiannis and T.Tsou 1.

Application Policy on Network Functions (APONF) G. Karagiannis and T.Tsou 1.
Security Overview  System protection requirements areas  Types of information protection  Information Architecture dimensions  Public Key Infrastructure.

Security Overview  System protection requirements areas  Types of information protection  Information Architecture dimensions  Public Key Infrastructure.
MICROSOFT AZURE ISV PROFILE: D-SCOPE SYSTEMS D-Scope Systems is an enterprise-level medical media product and integration specialist company. It provides.

MICROSOFT AZURE ISV PROFILE: D-SCOPE SYSTEMS D-Scope Systems is an enterprise-level medical media product and integration specialist company. It provides.
Module 9: Designing Public Key Infrastructure in Windows Server 2008.

Module 9: Designing Public Key Infrastructure in Windows Server 2008.
Bizfss File Sync and Sharing Solution, Built on Microsoft Azure, Allows Businesses to Sync, Share, Back Up Using Their Own Cloud Storage MICROSOFT AZURE.

Bizfss File Sync and Sharing Solution, Built on Microsoft Azure, Allows Businesses to Sync, Share, Back Up Using Their Own Cloud Storage MICROSOFT AZURE.
Securely Synchronize and Share Enterprise Files across Desktops, Web, and Mobile with EasiShare on the Powerful Microsoft Azure Cloud Platform MICROSOFT.

Securely Synchronize and Share Enterprise Files across Desktops, Web, and Mobile with EasiShare on the Powerful Microsoft Azure Cloud Platform MICROSOFT.

Similar presentations

Ads by Google