• No results found

CLOUD COMPUTING DEMYSTIFIED

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "CLOUD COMPUTING DEMYSTIFIED"

Copied!
62
0
0

Loading.... (view fulltext now)

Download now ( 62 Page )

Full text

(1)

CLOUD

COMPUTING

DEMYSTIFIED

(2)
(3)

Definitions

•Words have meaning, professionals need

to understand them.

•We need to understand that the public,

end-users, and the media will get things wrong, and not worry about that.

• Not much, anyway.

•There isn’t just one cloud, so saying “the

(4)

What do we mean by

“Cloud Security”?

•Securing data in a cloud environment?

• We will talk about this.

•Securing a cloud environment?

• That’s out of scope for this webinar. And for most people.

•Using a cloud service for security?

• You are already doing this for anti-virus, web and email security.

•We’re still struggling with similar confusion

(5)
(6)

Who Defines

“Cloud Computing”?

A lot of folks claim to, but I’ll stick

with:

NIST, National Institute of Standards

and Technology

• Their “Definition of cloud computing and related terminology” is good and concise. It is cited frequently in this deck

(7)

NIST Definition Of

Cloud Computing

Cloud computing is a model for enabling

convenient, on-demand network access to a shared pool of configurable computing

resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal

management effort or service provider interaction. This cloud model promotes

availability and is composed of five essential

(8)

NIST Definition Of

Cloud Computing

…convenient, on-demand network

access to a shared pool of

(9)

NIST Definition Of

Cloud Computing

…and is composed of:

five essential characteristics three service models

(10)

Alternate Definition Of

Cloud Computing

(11)
(12)

Service Models

Software as a Service (SaaS) Platform as a Service (PaaS)

(13)

Software as a Service (SaaS)

(14)

Isn’t This Just ASP?

It is an evolution of Application Service Provider offerings, but SaaS is different. How many ASPs offered:

Near instant provisioning? Global scalability?

Data portability?

(15)

SaaS/PaaS/IaaS Matrix

LAYER SaaS Control PaaS Control IaaS Control User

(16)

SaaS/PaaS/IaaS Matrix

LAYER SaaS Control PaaS Control IaaS Control User Consumer

Data and content Consumer Client Software Consumer Software Layer Provider Platform Layer Provider Infrastructure layer Provider Load balancers

(maybe)

(17)

Platform As A Service

(PaaS)

…deploy onto the cloud infrastructure consumer-created or acquired

applications*

(18)

SaaS/PaaS/IaaS Matrix

LAYER SaaS Control PaaS Control IaaS

Control

User Consumer Consumer

Data and content Consumer Consumer Client Software Consumer Consumer Software Layer Provider Consumer

Platform Layer Provider Provider Infrastructure layer Provider Provider Load balancers

(maybe)

(19)

Infrastructure as a Service

(Iaas)

(20)

Infrastructure as a Service

(Iaas)

…control over operating systems, storage, deployed applications, and possibly limited control of select

(21)

SaaS/PaaS/IaaS Matrix

LAYER SaaS Control PaaS Control IaaS Control

User Consumer Consumer Consumer Data and content Consumer Consumer Consumer Client Software Consumer Consumer Consumer Software Layer Provider Consumer Consumer

Platform Layer Provider Provider Consumer

Infrastructure layer Provider Provider Provider Load balancers

(maybe)

(22)

SaaS/PaaS/IaaS Matrix

LAYER SaaS Control PaaS Control IaaS Control Who has ultimate responsibility?

User Consumer Consumer Consumer Data and content Consumer Consumer Consumer Client Software Consumer Consumer Consumer Software Layer Provider Consumer Consumer Platform Layer Provider Provider Consumer Infrastructure layer Provider Provider Provider Load balancers

(maybe)

(23)
(24)
(25)

Anything as a Service?

Many more *aaS acronyms exist- but we are starting to move beyond this.

C: Compute N: Networking

S: Storage (but we already have another SaaS…)

(26)
(27)

Deployment Models

Public cloud Private cloud

Community cloud Hybrid cloud

(28)

Public Cloud

…available to the general public or a

(29)

Private Cloud

…operated solely for an organization.

…managed by the organization or a third party.

(30)

Community Cloud

Is shared by several organizations and supports a specific community that has shared concerns.

• Mission, security requirements, policy, and compliance considerations, etc.

(31)

Hybrid Cloud

…composition of two or more clouds… that remain unique entities but are bound together by… technology that enables

(32)

Virtual Private Cloud*

Created by isolating and securing Public Cloud facilities into a Private Cloud

configuration.

(33)
(34)

Characteristics

On-demand self-service Broad network access Resource pooling

(35)

On-demand Self-service

A consumer can unilaterally provision computing capabilities…

(36)

Broad Network Access

(37)

Resource Pooling

(38)
(39)
(40)

Resource Pooling

…customer generally has no control or

(41)

Resource Pooling*

*This is starting to fade as some providers begin offering dedicated hardware for

(42)

Rapid Elasticity

(43)

Rapid Elasticity

…the capabilities available for provisioning often appear to be unlimited and can be

(44)

Rapid

(45)

Measured Service

Cloud systems automatically control and optimize resource use by leveraging a

(46)
(47)

Availability

What if you are off the Internet, even briefly?

• Local copies mean synchronization and reconciliation.

(48)

And What About…

Portability and interoperability?

Compliance?

• This is a rabbit hole-

(49)

Unique Commodities?

Sounds like an oxymoron, but it isn’t.

The unique offerings of cloud service providers are both assets and liabilities to the consumer due to limits imposed on portability.

Want to have some fun? Ask cloud providers about their network design and how that enables or

(50)

Compliance And Audit

How does a small department or organization demand SLAs and accountability?

• That’s right, we can’t.

(51)

Network Visibility

Network visibility is tricky with

virtualization; is it even possible in a cloud?

(52)

Agent Software

Since we do not have access to the

network or server hardware, we may need to deploy software agents to inspect

systems and traffic for us.

(53)

Do not forget the basics

(54)

Disaster Recovery

(55)

But wait…

Cloud computing offers many benefits, don’t let the dangers scare you away.

Assess the risks and rewards, determine

what (if anything) is appropriate for moving to a cloud computing platform.

Compare providers and choose the best for your needs.

(56)
(57)

Feeling left out?

Want to play in the clouds, but don’t have a budget? Or much time?

There are nearly free Amazon micro instances.

Cloudshare has a 14-day free trial. CloudSigma has a 7-day free trial.

(58)

References

Primary reference documents for this presentation:

NIST

• Definition of cloud computing and related terminology

• Cloud Computing Reference Architecture

(59)

References

Additional references used in this presentation:

Cloud Computing Wiki

OpenCrowd Cloud Taxonomy

(60)

References

The single best document, from the

Australian Defence Signals Directorate:

http://www.dsd.gov.au/publications/Cloud_ Computing_Security_Considerations.pdf

(61)

Career Study Project

A group of us in the security community are researching what makes security

professionals tick, and what makes us twitch. Please consider helping with the research by taking about ten minutes to request access and take our current

survey. Details are at:

(62)

References

Download now ( PDF - 62 Page - 0.95 MB )

Related documents

An Intelligent Mobility Prediction Scheme for Location-Based Service over Cellular Communications Network

Secondly, innovation and examination of new mobility prediction techniques will be based on three hypothesises that are suitable for cellular communications network and mobile user

Solutions as a Service N.Konstantinidis Technical Director - MNG

Cloud Computing ‘Stack’ Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS) (IaaS) Network as a Service (NaaS) Data Center

Curriculum Vitae Belford Hernandez

Choral Director of Treble Ensemble, Chamber Singers, Male Choir, and Choral Accompanist, Downers Grove South High School.. Downers

Standardizing Cloud Services for Financial Institutions through the provisioning of Service Level Agreements (SLAs)

Resource Abstraction and Control Layer Service Layer IaaS SaaS PaaS Cloud Auditor Security Audit Privacy Impact Audit Performance Audit Cloud Broker Service

Trading Votes for Votes. A Dynamic Theory

The central finding of the paper is a general existence re- sult: there always exists a sequence of payoff-improving trades that leads to a stable vote allocation in finite time,

Causation Delays and Causal Neutralization up to Three Steps Ahead: The Money-Output Relationship Revisited

In models of money supply growth ∆m, output growth ∆y, inflation ∆p, fluctuations in an interest rate ∆r and a rate spread rr, however, we find only one case in which

Understanding how irrigation, plant physiology, and the Madden-Julian Oscillation shape regional water cycles and their extremes

xii Outstanding Undergraduate Award 2014 Department of Atmospheric Sciences, Texas A&M University Hollings Scholar 2013-2014 National Oceanic

KP.reader 3-Predictive Stellar Astro

Disease is indicated by the 6' Cusp, 6th house, planets in the constellation of the occupants of the 6th house, the occupants of the &I' house, the planets in the constellation