SlideShare ist ein Scribd-Unternehmen logo
1 von 27
Downloaden Sie, um offline zu lesen
Security in a Cloudy Architecture
Geri Born
Enterprise Solutions Group
The following is intended to outline our general
                 product direction. It is intended for information
                 purposes only, and may not be incorporated into any
                 contract. It is not a commitment to deliver any
                 material, code, or functionality, and should not be
                 relied upon in making purchasing decisions.
                 The development, release, and timing of any
                 features or functionality described for Oracle’s
                 products remain at the sole discretion of Oracle.




© 2010 Oracle Corporation                                              2
Agenda




            •    Introduction
            •    Security Challenges
            •    Identity and Access Management
            •    Database Security
            •    Conclusion
            •    Q&A




© 2010 Oracle – Proprietary and Confidential
                   3
Enterprise Evolution to Cloud
                                                            Public Clouds                     Hybrid


                                                                                IaaS          PaaS         IaaS
                                                               SaaS
                                           Public Cloud
                                             Evolution                   PaaS          SaaS


                 Private Cloud Evolution                                                       Virtual Private Cloud



                                           App1 App2 App3             App1 App2 App3           App1 App2 App3
                    App1 App2 App3
                                             Private PaaS               Private PaaS              Private PaaS

                                             Private IaaS               Private IaaS               Private IaaS


                       Silo’d               Grid            Private Cloud                     Hybrid
             •    Physical           •   Virtual            • Self-service      • Federation with
             •    Dedicated          •   Shared services    • Policy-based        public clouds
             •    Static             •   Dynamic              resource mgmt     • Interoperability
             •    Heterogeneous      •   Standardized       • Chargeback        • Cloud bursting
                                         appliances         • Capacity planning



© 2010 Oracle Corporation                                                                                              4
Key Barriers to Cloud Computing


                                                   74%               74% rate
                                                                  cloud security
                                                                     issues as
                                                                       ―very
                                                                    significant‖
                                                                     Source: IDC




                                                • Data privacy
                                                • Compliance
                                               • Access control


© 2010 Oracle – Proprietary and Confidential
                   5
Cloud Security Challenges



                              Private          Hybrid            Public
                              Cloud            Cloud             Cloud

                        • IT agility            • Interop      • Data breaches
                       • B2B collab              • User         • Multi-tenancy
                     • Access control           experience      • Data location
                         complexity            • Workload        • Compliance
                     • Privileged user           portability
                           access                 • SLA




© 2010 Oracle – Proprietary and Confidential
                   6
Cloud Architecture & Management
                                                                 Self Service Interface


         Integrate                    Chargeback &                            Self Service                                                   Assembly
                                                                                                    Software Library
     with external                   Capacity Planning                        Provisioning                                                    Builder
             billing
           system
                                                              Policy Manager (SLA Mgmt, DRS, DPM)


                                                 Monitoring                   Provisioning      Config. Mgmt.                            Integrate with external
                                                                                                                                                 CMDB


                                                                                                            External
                                                              Oracle Virtualization Plugin                                               e.g., Amazon
                                                                                                          Cloud Plugin
      Cloud Management Layer

                   Zone A                                                                       Zone B
                            Server Pool                            Server Pool                                Server Pool


                       Tightly coupled cluster                 Tightly coupled cluster                Loose grouping of individual
                        (HA, Live Migration)                    (HA, Live Migration)                machines (no HA or Live Migration)


                             Storage Array                              Storage Array                  Storage Array (optional)


                                                      Storage Array
                                                                                                Storage Array


      Cloud Infrastructure Layer



© 2010 Oracle Corporation                                                                                                                                          8
Enterprise Architecture: Process for Securing the
                                                                                                                                                                         Cloud
                                                                                                                                                                                                                                                                                  IT-as-a-Service




                                                                                                                                                                                                                                   Optimized IT Core

                                                                                                                                                                                                                             Service Group A


                                                                                                                                                                                                                             Application Grid



                                                                                                                                                                                                                                Data Grid
                                                                                                                                                                                                                                                Integration Layer

                                                                                                                                                                                                                                                Service Group B


                                                                                                                                                                                                                                                Application Grid


                                                                                                                                                                                                                                                  Data Grid
                                                                                                                                                                                                                                                                    Service Group C


                                                                                                                                                                                                                                                                    Application Grid


                                                                                                                                                                                                                                                                      Data Grid
                                                                                                                                                                                                                                                                                                                 Enterprise
                                                                                                                                                                         Transitional                                                            Security Layer




                                                                                                                                                                                                                                                                                                                Architecture
                                                                                                                                                                          Pt. to Pt. Integrations

                                                                                                                                                                                                                      Inv
                                                                                                                                                    SFAProduct       product ERP SCM    productMES- DB         LMS MGMT
                     Complexity                                                                                                                        SFA-Product
                                                                                                                                                   SFA Stage
                                                                                                                                                           Product
                                                                                                                                                                              ERP-
                                                                                                                                                                              Stage
                                                                                                                                                                                       product Dev
                                                                                                                                                                                                       DB-
                                                                                                                                                                                                      Stage
                                                                                                                                                                                                                  B2B
                                                                                                                                                                                                                     B2B-
                                                                                                                                                                                                                B2B- Stage
                                                                                                                                                     SFA-                 ERP-              MES- MES-
                                                                                                                                                                                                                Dev
                                                                                                                                                      Test                Prod              Stage Prod

                          1
    Client
                                                                                                                                                     SFAProduct      product ERP SCM     productMES- DB         LMSInv
                                                                                                                                                                                                        DB-
                      FBT                       PAY G
                                                                                 NTS
                                                                                                                                                           Product             ERP-     product Dev    Stage
                                                                                                                                                                                                                  MGMT
                                                                                                           TRDS
                                                                                                                                                                               Stage
 Customs                                                               NTS A/c

                                                                                                                    Data…….                        Security             Security          Security             Security
                                           Penalty
                                                                                                                     RBA
                                                                                                                     De f
    RRE                                                                          Re funds
                              IPS                    Integrate d A/C
                                                                                                       1

Excise                                                                                         Payments


                                                                                                                    CCD         Compliance
                                                                                                                                  Staff
             CR                     EC I             ADD               AWA             ELS
                                                                                                            Staff
Business                                                                                                    Phone
                                                     DDDR                                                              TASS
             PKI               CDCC
                                                      CWMS                GC I                                                        Bus. Intel

     IVR                                                                                                     WOC
                                                                                                                            Ref aterial
                                                                                                                              m

                                                                                                                                          BOA
                                                                          Remote              TAX
                                       Client    BANK       Staff          Staff             AG ENTS              Call Centres
                   B EP




                                                                                                                       1                           Align Business & IT                                                                                                                              3    Focus on Future State


                                                                                                                     2 Governance Model                                                                                                                                                             4   Repeatable, Iterative Approach
The Oracle-Sun Red Stack
V    Third Party                                          ISV
                            Oracle Applications
I    Applications                                      Applications
R
T                   Platform as a Service
U                                                                                       Cloud Management
                             Shared Services
A
                                                                                      Oracle Enterprise Manager
L   Integration:     Process Mgmt:      Security:      User Interaction:
I    SOA Suite         BPM Suite       Identity Mgmt    WebCenter                        Configuration Mgmt
Z
A                                                       Connect
    Application Grid: WebLogic Server, Coherence, Tuxedo, JRockit          Policies to Controls Management
                                                                                         Lifecycle
T
      Database Grid: Oracle Database, RAC, ASM, Partitioning,
I        IMDB Cache, Active Data Guard, Database Security                              Application Performance
                                                                                             Management
O
N             Infrastructure as a Service                                                 Application Quality
                                                                                            Management
           Oracle Solaris
            Operating Systems: OracleOracle Enterprise Linux
                                     Enterprise Linux
       Oracle VM for SPARC (LDom)
              Solaris Containers                             Connect
                                             Oracle VM for x86             Policies to Controls Center
                                                                                            Ops

                                     Servers                                             Physical and Virtual
                                                                                        Systems Management
                                     Storage
Agenda




            •    Introduction
            •    Security Challenges
            •    Identity and Access Management
            •    Database Security
            •    Conclusion
            •    Q&A




© 2010 Oracle – Proprietary and Confidential
                   11
Service-Oriented Security
                 Identity Services for the Cloud
                                                  Oracle Identity Management
            Identity
                                       Role Management   Directory Services    Authentication   Authorization           Federation
          Administration




                            Web Services                             Web Services                               Web Services




                           Oracle Apps                           3rd Party/Custom Apps             Cloud Service Providers

                                  •    Enable IDM functionality - FW
                                  •    Discrete, easily consumable services
                                  •    Rapid app security, improved IT agility
                                  •    Security woven - applications

© 2010 Oracle – Proprietary and Confidential
                   12
Identity Management Challenges in the
                 Private Cloud



                                               Cloud model requires identity
                                                      infrastructure:
                                               • Service-oriented
                                               • Standards-based
                                               • Loosely coupled
                          Mind The Gap



© 2010 Oracle – Proprietary and Confidential
                   13
Identity Management Considerations in the
                 Public Cloud
                                                                                            IAM Service Provider
                                    Business Service Provider

                                                                                             Identity    Identity
                                         Identity   Identity
                                                                                            Assurance     Admin
                                       Assurance    Admin




                                                                Business Service Consumer


                                                                   Identity     Identity
                                                                  Federation   Assurance




                                                          • User lifecycle mgmt
                                                          • Federated authN
                                                          • Fraud prevention & risk mitigation



© 2010 Oracle – Proprietary and Confidential
                   14
User Provisioning

                                                  Oracle Identity Manager
                                                        Provisioning

                                                      Self Registration

                                                          Audit, Reporting, Attestation

                                                       Integration Framework with
                                                             Adapter Factory




                                            • Comprehensive lifecycle admin & mgmt
                                        • Delegated admin & self-service reduce overhead
                                               • Automated compliance reporting


© 2010 Oracle – Proprietary and Confidential
                   15
Entitlements Management

                                                          Oracle Access Management
                                                                     Suite
                                                                                               Custom Apps
            Employees                                     Fine-grained Authorization




                                                                                                    App
                                                                                       App
                                                          Centralized Administration

              Partners
                                                                                             Portals/SharePoint
                                                           Distributed Enforcement




                                                                                                             App
                Customers                                                                     Web Services




                                               • Externalization of authZ policy mgmt
                                               • Distributed policy enforce
                                               • FGA


© 2010 Oracle – Proprietary and Confidential
                   16
Identity Federation
                 Federated Single Sign-On
                                                             Oracle Identity
                                                              Federation                 On-Premise

                                                                SAML 1.x                Applications
     Employees/Partners/                                        SAML 2.0
         Customers
                                                           Windows CardSpace
                                                                 WS-Fed
                                                                 OpenID



                 Business
         Affiliates/Subsidiaries
                                                                                         Cloud Applications



                                                 • SSO between on-premise & cloud apps
                                               • Standards-based federation enables interop
                                                           • Rapid deployment


© 2010 Oracle – Proprietary and Confidential
                   17
Identity Assurance
                 Risk-Based Access Control

                                                        Oracle Access Management Suite
                                               Secure Mutual                       Risk-Based
                                                                   Risk Scoring
                                               Authentication                     Authorization
                                                                     Device
 Employees/Partners/
     Customer                                                      Geography                        Cloud Apps
                                                                     Time
                                                                    Activity




         Fraudster
                                                                                                  On-Premise Apps



                                                              • Out-of-band authN
                                                               • Identity proofing
                                                           • Real-time fraud prevention



© 2010 Oracle – Proprietary and Confidential
                   18
Agenda




            •    Introduction
            •    Security Challenges
            •    Identity and Access Management
            •    Database Security
            •    Conclusion
            •    Q&A




© 2010 Oracle – Proprietary and Confidential
                   19
Multi-Tenant Data Management
                                         Option 1                  Option 2               Option 3




                      Shared (Virtualized) Hardware              Shared Database      Shared Schema


                                                               RISK

                                               • Privileged database user
                                               • Lost backups containing sensitive data or PII
                                               • Application exploits & by-pass
                                               • Regulatory infractions




© 2010 Oracle – Proprietary and Confidential
                   20
Database Security Defense-In-Depth
                                                            Encryption & Masking
                                                             • Advanced Security
                                                             • Secure Backup
                                                             • Data Masking

                                                                 Access Control
                                                             • Database Vault
                                                             • Label Security

                                                                    Monitoring
                                                             • Audit Vault
                                     Encryption & Masking    • Configuration Management
                                                             • Total Recall
                                           Access Control
                                               Monitoring
                                                            User/Role Management
                                    User/Role Management    • Oracle Identity Management




© 2010 Oracle – Proprietary and Confidential
                   21
Oracle Advanced Security
                 Comprehensive Standards-Based Encryption

                                                                                       Disk


                                                                                       Backups


                                                                                       Exports

                                                                                       Off-Site
                                                                                       Facilities




                                               • Data stays encrypted when backed up
                                               • Encryption for data in transit
                                               • Strong authN of users & servers




© 2010 Oracle – Proprietary and Confidential
                   22
Oracle Data Masking
                 Irreversible De-Identification


                               Production                                  Non-Production
       LAST_NAME               SSN             SALARY           LAST_NAME      SSN           SALARY

       AGUILAR                 203-33-3234     40,000           ANSKEKSL       111—23-1111     60,000

       BENSON                  323-22-2943     60,000           BKJHHEIEDK     222-34-1345     40,000




                        • Remove sensitive data from non-prod DBs
                        • Ref Integ preserved
                        • Sensitive data never leaves the database




© 2010 Oracle – Proprietary and Confidential
                   23
Oracle Database Vault
                 Privileged User Access Control & Multi-Factor Authorization



                                               Procurement
                                                                            DBA
                                                   HR
                    Application
                                                 Finance

                                                             select * from finance.customers




                   • Privileged DB users perform admin
                   • Address SoD reqmts
                   • Enforce security policies & block unauth DB activities




© 2010 Oracle – Proprietary and Confidential
                   24
Oracle Configuration Management
                 Vulnerability Assessment & Secure Configuration


                                                                                                                     Monitor




                                                   Discover   Classify     Assess       Prioritize             Fix       Monitor

                                                    Asset                                      Configuration
                                                                Policy       Vulnerability                           Analysis &
                                                 Management                                    Management
                                                              Management
                                                                             Management                              Analytics
                                                                                                     & Audit




                            • DB discovery
                            • Continuous scanning best practices & industry standards
                            • Detect & prevent unauthZ config changes
                            • Change mgmt compliance reports



© 2010 Oracle – Proprietary and Confidential
                   26
Agenda




            •    Introduction
            •    Security Challenges
            •    Identity and Access Management
            •    Database Security
            •    Conclusion
            •    Q&A




© 2010 Oracle – Proprietary and Confidential
                   27
Regulatory Considerations for Cloud
                 Security

                 ENFORCE                                 MONITOR        Enforce Controls
               CONTROLS                                 CONTROLS



                                                                       Monitor Controls
                                               Oracle
                                 Security Solutions
                                                                     Streamline Processes

               AUTOMATE                                 STREAMLINE
               REPORTING                                PROCESSES     Automate Reporting




© 2010 Oracle – Proprietary and Confidential
                   28
29
© 2010 Oracle Corporation        29

Weitere ähnliche Inhalte

Was ist angesagt?

Application Grid: Platform for Virtualization and Consolidation of your Java ...
Application Grid: Platform for Virtualization and Consolidation of your Java ...Application Grid: Platform for Virtualization and Consolidation of your Java ...
Application Grid: Platform for Virtualization and Consolidation of your Java ...Bob Rhubart
 
IBM SmartCloudEnterprise use of IBM Rational Solutions
IBM SmartCloudEnterprise use of IBM Rational SolutionsIBM SmartCloudEnterprise use of IBM Rational Solutions
IBM SmartCloudEnterprise use of IBM Rational SolutionsAlex Amies
 
Oracle VM Consolidation and Path to the Cloud
Oracle VM Consolidation and Path to the CloudOracle VM Consolidation and Path to the Cloud
Oracle VM Consolidation and Path to the CloudBob Rhubart
 
Implementing Process Controls and Risk Management with Novell Compliance Mana...
Implementing Process Controls and Risk Management with Novell Compliance Mana...Implementing Process Controls and Risk Management with Novell Compliance Mana...
Implementing Process Controls and Risk Management with Novell Compliance Mana...Novell
 
21st Century SOA
21st Century SOA21st Century SOA
21st Century SOABob Rhubart
 
Cloud Computing: Making IT Simple
Cloud Computing: Making IT SimpleCloud Computing: Making IT Simple
Cloud Computing: Making IT SimpleBob Rhubart
 
IDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The CloudIDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The CloudNovell
 
Building a Strong Foundation for Your Cloud with Identity Management
Building a Strong Foundation for Your Cloud with Identity ManagementBuilding a Strong Foundation for Your Cloud with Identity Management
Building a Strong Foundation for Your Cloud with Identity ManagementNishant Kaushik
 
BSM201.pdf
BSM201.pdfBSM201.pdf
BSM201.pdfNovell
 
Extending The Value Of Oracle Crm On Demand Through Cloud Based Extensibility
Extending The Value Of Oracle Crm On Demand Through Cloud Based ExtensibilityExtending The Value Of Oracle Crm On Demand Through Cloud Based Extensibility
Extending The Value Of Oracle Crm On Demand Through Cloud Based ExtensibilityJerome Leonard
 
Engineered Systems: Oracle’s Vision for the Future
Engineered Systems: Oracle’s Vision for the FutureEngineered Systems: Oracle’s Vision for the Future
Engineered Systems: Oracle’s Vision for the FutureBob Rhubart
 
Business Integration for the 21st Century
Business Integration for the 21st Century Business Integration for the 21st Century
Business Integration for the 21st Century Bob Rhubart
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntelAPAC
 
Konsolider, optimer og automatiser dit servermiljø med IBM PureApplications S...
Konsolider, optimer og automatiser dit servermiljø med IBM PureApplications S...Konsolider, optimer og automatiser dit servermiljø med IBM PureApplications S...
Konsolider, optimer og automatiser dit servermiljø med IBM PureApplications S...IBM Danmark
 
The Cloud Concierge
The Cloud ConciergeThe Cloud Concierge
The Cloud ConciergeBob Rhubart
 
VMware Zimbra vs. Novell Groupwise
VMware Zimbra vs. Novell GroupwiseVMware Zimbra vs. Novell Groupwise
VMware Zimbra vs. Novell GroupwiseMike K
 
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...Eucalyptus Systems, Inc.
 
Workload IQ: A Differentiated Approach
Workload IQ: A Differentiated ApproachWorkload IQ: A Differentiated Approach
Workload IQ: A Differentiated ApproachNovell
 

Was ist angesagt? (19)

Application Grid: Platform for Virtualization and Consolidation of your Java ...
Application Grid: Platform for Virtualization and Consolidation of your Java ...Application Grid: Platform for Virtualization and Consolidation of your Java ...
Application Grid: Platform for Virtualization and Consolidation of your Java ...
 
IBM SmartCloudEnterprise use of IBM Rational Solutions
IBM SmartCloudEnterprise use of IBM Rational SolutionsIBM SmartCloudEnterprise use of IBM Rational Solutions
IBM SmartCloudEnterprise use of IBM Rational Solutions
 
Oracle VM Consolidation and Path to the Cloud
Oracle VM Consolidation and Path to the CloudOracle VM Consolidation and Path to the Cloud
Oracle VM Consolidation and Path to the Cloud
 
Implementing Process Controls and Risk Management with Novell Compliance Mana...
Implementing Process Controls and Risk Management with Novell Compliance Mana...Implementing Process Controls and Risk Management with Novell Compliance Mana...
Implementing Process Controls and Risk Management with Novell Compliance Mana...
 
21st Century SOA
21st Century SOA21st Century SOA
21st Century SOA
 
Cloud Computing: Making IT Simple
Cloud Computing: Making IT SimpleCloud Computing: Making IT Simple
Cloud Computing: Making IT Simple
 
IDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The CloudIDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The Cloud
 
Building a Strong Foundation for Your Cloud with Identity Management
Building a Strong Foundation for Your Cloud with Identity ManagementBuilding a Strong Foundation for Your Cloud with Identity Management
Building a Strong Foundation for Your Cloud with Identity Management
 
The SDN Opportunity
The SDN OpportunityThe SDN Opportunity
The SDN Opportunity
 
BSM201.pdf
BSM201.pdfBSM201.pdf
BSM201.pdf
 
Extending The Value Of Oracle Crm On Demand Through Cloud Based Extensibility
Extending The Value Of Oracle Crm On Demand Through Cloud Based ExtensibilityExtending The Value Of Oracle Crm On Demand Through Cloud Based Extensibility
Extending The Value Of Oracle Crm On Demand Through Cloud Based Extensibility
 
Engineered Systems: Oracle’s Vision for the Future
Engineered Systems: Oracle’s Vision for the FutureEngineered Systems: Oracle’s Vision for the Future
Engineered Systems: Oracle’s Vision for the Future
 
Business Integration for the 21st Century
Business Integration for the 21st Century Business Integration for the 21st Century
Business Integration for the 21st Century
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfee
 
Konsolider, optimer og automatiser dit servermiljø med IBM PureApplications S...
Konsolider, optimer og automatiser dit servermiljø med IBM PureApplications S...Konsolider, optimer og automatiser dit servermiljø med IBM PureApplications S...
Konsolider, optimer og automatiser dit servermiljø med IBM PureApplications S...
 
The Cloud Concierge
The Cloud ConciergeThe Cloud Concierge
The Cloud Concierge
 
VMware Zimbra vs. Novell Groupwise
VMware Zimbra vs. Novell GroupwiseVMware Zimbra vs. Novell Groupwise
VMware Zimbra vs. Novell Groupwise
 
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
 
Workload IQ: A Differentiated Approach
Workload IQ: A Differentiated ApproachWorkload IQ: A Differentiated Approach
Workload IQ: A Differentiated Approach
 

Ähnlich wie Security in a Cloudy Architecture

considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...
considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...
considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...Web2Present
 
Swarm Computing Next Generation Clouds and the role of SOA
Swarm Computing Next Generation Clouds and the role of SOASwarm Computing Next Generation Clouds and the role of SOA
Swarm Computing Next Generation Clouds and the role of SOAJürgen Kress
 
Becloud hybrid cloud
Becloud hybrid cloudBecloud hybrid cloud
Becloud hybrid cloudBecloud
 
Infrastructure Consolidation and Virtualization
Infrastructure Consolidation and VirtualizationInfrastructure Consolidation and Virtualization
Infrastructure Consolidation and VirtualizationBob Rhubart
 
Cloud Networking: Network aspects of the cloud
Cloud Networking: Network aspects of the cloudCloud Networking: Network aspects of the cloud
Cloud Networking: Network aspects of the cloudSAIL
 
Deadly Sins Bcs Elite
Deadly Sins Bcs EliteDeadly Sins Bcs Elite
Deadly Sins Bcs EliteJon G. Hall
 
Oracle tech fmw-03-cloud-computing-neum-15.04.2010
Oracle tech fmw-03-cloud-computing-neum-15.04.2010Oracle tech fmw-03-cloud-computing-neum-15.04.2010
Oracle tech fmw-03-cloud-computing-neum-15.04.2010Oracle BH
 
Lax breakfast forum_developing_your_cloud_strategy_05_10_2012
Lax breakfast forum_developing_your_cloud_strategy_05_10_2012Lax breakfast forum_developing_your_cloud_strategy_05_10_2012
Lax breakfast forum_developing_your_cloud_strategy_05_10_2012Internap
 
Cloud Deployment Models
Cloud Deployment ModelsCloud Deployment Models
Cloud Deployment ModelsStanton Jones
 
Nyc lunch and learn 03 15 2012 final
Nyc lunch and learn   03 15 2012 finalNyc lunch and learn   03 15 2012 final
Nyc lunch and learn 03 15 2012 finalInternap
 
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...Eucalyptus Systems, Inc.
 
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...Eucalyptus Systems, Inc.
 
The Cloud according to VMware
The Cloud according to VMwareThe Cloud according to VMware
The Cloud according to VMwareOpSource
 
Developing Your Cloud Strategy
Developing Your Cloud StrategyDeveloping Your Cloud Strategy
Developing Your Cloud StrategyInternap
 
The Cloud and Next Gen IT Gordon Haff - p camp-boston2012
The Cloud and Next Gen IT   Gordon Haff - p camp-boston2012The Cloud and Next Gen IT   Gordon Haff - p camp-boston2012
The Cloud and Next Gen IT Gordon Haff - p camp-boston2012ProductCamp Boston
 
Gartner Catalyst Savvis Cloud API Case Study
Gartner Catalyst   Savvis Cloud API Case StudyGartner Catalyst   Savvis Cloud API Case Study
Gartner Catalyst Savvis Cloud API Case StudyCA API Management
 

Ähnlich wie Security in a Cloudy Architecture (20)

considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...
considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...
considering the cloud? From IaaS to SaaS and Beyond - Find Your Path to the C...
 
Swarm Computing Next Generation Clouds and the role of SOA
Swarm Computing Next Generation Clouds and the role of SOASwarm Computing Next Generation Clouds and the role of SOA
Swarm Computing Next Generation Clouds and the role of SOA
 
Becloud hybrid cloud
Becloud hybrid cloudBecloud hybrid cloud
Becloud hybrid cloud
 
Infrastructure Consolidation and Virtualization
Infrastructure Consolidation and VirtualizationInfrastructure Consolidation and Virtualization
Infrastructure Consolidation and Virtualization
 
Going to the Cloud
Going to the Cloud Going to the Cloud
Going to the Cloud
 
Cloud Networking: Network aspects of the cloud
Cloud Networking: Network aspects of the cloudCloud Networking: Network aspects of the cloud
Cloud Networking: Network aspects of the cloud
 
Considering the Cloud? 5 Points to Consider
Considering the Cloud? 5 Points to ConsiderConsidering the Cloud? 5 Points to Consider
Considering the Cloud? 5 Points to Consider
 
Deadly Sins Bcs Elite
Deadly Sins Bcs EliteDeadly Sins Bcs Elite
Deadly Sins Bcs Elite
 
Oracle tech fmw-03-cloud-computing-neum-15.04.2010
Oracle tech fmw-03-cloud-computing-neum-15.04.2010Oracle tech fmw-03-cloud-computing-neum-15.04.2010
Oracle tech fmw-03-cloud-computing-neum-15.04.2010
 
Lax breakfast forum_developing_your_cloud_strategy_05_10_2012
Lax breakfast forum_developing_your_cloud_strategy_05_10_2012Lax breakfast forum_developing_your_cloud_strategy_05_10_2012
Lax breakfast forum_developing_your_cloud_strategy_05_10_2012
 
MISA Cloud workshop - Cloud 101
MISA Cloud workshop - Cloud 101MISA Cloud workshop - Cloud 101
MISA Cloud workshop - Cloud 101
 
Cloud Deployment Models
Cloud Deployment ModelsCloud Deployment Models
Cloud Deployment Models
 
PCI and the Cloud
PCI and the CloudPCI and the Cloud
PCI and the Cloud
 
Nyc lunch and learn 03 15 2012 final
Nyc lunch and learn   03 15 2012 finalNyc lunch and learn   03 15 2012 final
Nyc lunch and learn 03 15 2012 final
 
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
 
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
How to Transform Enterprise Applications to On-premise Clouds with Wipro and ...
 
The Cloud according to VMware
The Cloud according to VMwareThe Cloud according to VMware
The Cloud according to VMware
 
Developing Your Cloud Strategy
Developing Your Cloud StrategyDeveloping Your Cloud Strategy
Developing Your Cloud Strategy
 
The Cloud and Next Gen IT Gordon Haff - p camp-boston2012
The Cloud and Next Gen IT   Gordon Haff - p camp-boston2012The Cloud and Next Gen IT   Gordon Haff - p camp-boston2012
The Cloud and Next Gen IT Gordon Haff - p camp-boston2012
 
Gartner Catalyst Savvis Cloud API Case Study
Gartner Catalyst   Savvis Cloud API Case StudyGartner Catalyst   Savvis Cloud API Case Study
Gartner Catalyst Savvis Cloud API Case Study
 

Mehr von Bob Rhubart

Enterprise Strategy for Cloud Security
Enterprise Strategy for Cloud SecurityEnterprise Strategy for Cloud Security
Enterprise Strategy for Cloud SecurityBob Rhubart
 
Innovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceInnovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceBob Rhubart
 
Cloud Computing - A Pragmatic Approach to Cloud Adoption
Cloud Computing - A Pragmatic Approach to Cloud AdoptionCloud Computing - A Pragmatic Approach to Cloud Adoption
Cloud Computing - A Pragmatic Approach to Cloud AdoptionBob Rhubart
 
High Availability Infrastructure for Cloud Computing
High Availability Infrastructure for Cloud ComputingHigh Availability Infrastructure for Cloud Computing
High Availability Infrastructure for Cloud ComputingBob Rhubart
 
Engineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureEngineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureBob Rhubart
 
Oracle Cloud Reference Architecture
Oracle Cloud Reference ArchitectureOracle Cloud Reference Architecture
Oracle Cloud Reference ArchitectureBob Rhubart
 
Engineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureEngineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureBob Rhubart
 
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
Rationalization and Defense in Depth - Two Steps Closer to the CloudsRationalization and Defense in Depth - Two Steps Closer to the Clouds
Rationalization and Defense in Depth - Two Steps Closer to the CloudsBob Rhubart
 
Cloud Computing Industry Trends and Directions
Cloud Computing Industry Trends and DirectionsCloud Computing Industry Trends and Directions
Cloud Computing Industry Trends and DirectionsBob Rhubart
 
Manage and Monitor Oracle Applications in the Cloud
Manage and Monitor Oracle Applications in the CloudManage and Monitor Oracle Applications in the Cloud
Manage and Monitor Oracle Applications in the CloudBob Rhubart
 
21st Century Service Oriented Architecture
21st Century Service Oriented Architecture21st Century Service Oriented Architecture
21st Century Service Oriented ArchitectureBob Rhubart
 
Application-Driven Virtualization: Architectural Considerations
Application-Driven Virtualization: Architectural ConsiderationsApplication-Driven Virtualization: Architectural Considerations
Application-Driven Virtualization: Architectural ConsiderationsBob Rhubart
 
Oracle Enterprise Manager
Oracle Enterprise ManagerOracle Enterprise Manager
Oracle Enterprise ManagerBob Rhubart
 
Engineered Systems: Oracle’s Vision for the Future
Engineered Systems: Oracle’s Vision for the FutureEngineered Systems: Oracle’s Vision for the Future
Engineered Systems: Oracle’s Vision for the FutureBob Rhubart
 
Rationalization and Defense in Depth - Two Steps Closer to the Cloud
Rationalization and Defense in Depth - Two Steps Closer to the CloudRationalization and Defense in Depth - Two Steps Closer to the Cloud
Rationalization and Defense in Depth - Two Steps Closer to the CloudBob Rhubart
 
Innovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceInnovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceBob Rhubart
 
Cloud Computing - Making IT Simple
Cloud Computing - Making IT SimpleCloud Computing - Making IT Simple
Cloud Computing - Making IT SimpleBob Rhubart
 
Event Driven Architecture (EDA) Reference Architecture | Anbu Krishnaswamy
Event Driven Architecture (EDA) Reference Architecture | Anbu KrishnaswamyEvent Driven Architecture (EDA) Reference Architecture | Anbu Krishnaswamy
Event Driven Architecture (EDA) Reference Architecture | Anbu KrishnaswamyBob Rhubart
 
Innovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceInnovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceBob Rhubart
 
Diagnosability vs The Cloud
Diagnosability vs The CloudDiagnosability vs The Cloud
Diagnosability vs The CloudBob Rhubart
 

Mehr von Bob Rhubart (20)

Enterprise Strategy for Cloud Security
Enterprise Strategy for Cloud SecurityEnterprise Strategy for Cloud Security
Enterprise Strategy for Cloud Security
 
Innovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceInnovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle Coherence
 
Cloud Computing - A Pragmatic Approach to Cloud Adoption
Cloud Computing - A Pragmatic Approach to Cloud AdoptionCloud Computing - A Pragmatic Approach to Cloud Adoption
Cloud Computing - A Pragmatic Approach to Cloud Adoption
 
High Availability Infrastructure for Cloud Computing
High Availability Infrastructure for Cloud ComputingHigh Availability Infrastructure for Cloud Computing
High Availability Infrastructure for Cloud Computing
 
Engineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureEngineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the Future
 
Oracle Cloud Reference Architecture
Oracle Cloud Reference ArchitectureOracle Cloud Reference Architecture
Oracle Cloud Reference Architecture
 
Engineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the FutureEngineered Systems: Oracle's Vision for the Future
Engineered Systems: Oracle's Vision for the Future
 
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
Rationalization and Defense in Depth - Two Steps Closer to the CloudsRationalization and Defense in Depth - Two Steps Closer to the Clouds
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
 
Cloud Computing Industry Trends and Directions
Cloud Computing Industry Trends and DirectionsCloud Computing Industry Trends and Directions
Cloud Computing Industry Trends and Directions
 
Manage and Monitor Oracle Applications in the Cloud
Manage and Monitor Oracle Applications in the CloudManage and Monitor Oracle Applications in the Cloud
Manage and Monitor Oracle Applications in the Cloud
 
21st Century Service Oriented Architecture
21st Century Service Oriented Architecture21st Century Service Oriented Architecture
21st Century Service Oriented Architecture
 
Application-Driven Virtualization: Architectural Considerations
Application-Driven Virtualization: Architectural ConsiderationsApplication-Driven Virtualization: Architectural Considerations
Application-Driven Virtualization: Architectural Considerations
 
Oracle Enterprise Manager
Oracle Enterprise ManagerOracle Enterprise Manager
Oracle Enterprise Manager
 
Engineered Systems: Oracle’s Vision for the Future
Engineered Systems: Oracle’s Vision for the FutureEngineered Systems: Oracle’s Vision for the Future
Engineered Systems: Oracle’s Vision for the Future
 
Rationalization and Defense in Depth - Two Steps Closer to the Cloud
Rationalization and Defense in Depth - Two Steps Closer to the CloudRationalization and Defense in Depth - Two Steps Closer to the Cloud
Rationalization and Defense in Depth - Two Steps Closer to the Cloud
 
Innovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceInnovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle Coherence
 
Cloud Computing - Making IT Simple
Cloud Computing - Making IT SimpleCloud Computing - Making IT Simple
Cloud Computing - Making IT Simple
 
Event Driven Architecture (EDA) Reference Architecture | Anbu Krishnaswamy
Event Driven Architecture (EDA) Reference Architecture | Anbu KrishnaswamyEvent Driven Architecture (EDA) Reference Architecture | Anbu Krishnaswamy
Event Driven Architecture (EDA) Reference Architecture | Anbu Krishnaswamy
 
Innovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceInnovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle Coherence
 
Diagnosability vs The Cloud
Diagnosability vs The CloudDiagnosability vs The Cloud
Diagnosability vs The Cloud
 

Kürzlich hochgeladen

Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 

Kürzlich hochgeladen (20)

Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 

Security in a Cloudy Architecture

  • 1. Security in a Cloudy Architecture Geri Born Enterprise Solutions Group
  • 2. The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remain at the sole discretion of Oracle. © 2010 Oracle Corporation 2
  • 3. Agenda • Introduction • Security Challenges • Identity and Access Management • Database Security • Conclusion • Q&A © 2010 Oracle – Proprietary and Confidential 3
  • 4. Enterprise Evolution to Cloud Public Clouds Hybrid IaaS PaaS IaaS SaaS Public Cloud Evolution PaaS SaaS Private Cloud Evolution Virtual Private Cloud App1 App2 App3 App1 App2 App3 App1 App2 App3 App1 App2 App3 Private PaaS Private PaaS Private PaaS Private IaaS Private IaaS Private IaaS Silo’d Grid Private Cloud Hybrid • Physical • Virtual • Self-service • Federation with • Dedicated • Shared services • Policy-based public clouds • Static • Dynamic resource mgmt • Interoperability • Heterogeneous • Standardized • Chargeback • Cloud bursting appliances • Capacity planning © 2010 Oracle Corporation 4
  • 5. Key Barriers to Cloud Computing 74% 74% rate cloud security issues as ―very significant‖ Source: IDC • Data privacy • Compliance • Access control © 2010 Oracle – Proprietary and Confidential 5
  • 6. Cloud Security Challenges Private Hybrid Public Cloud Cloud Cloud • IT agility • Interop • Data breaches • B2B collab • User • Multi-tenancy • Access control experience • Data location complexity • Workload • Compliance • Privileged user portability access • SLA © 2010 Oracle – Proprietary and Confidential 6
  • 7. Cloud Architecture & Management Self Service Interface Integrate Chargeback & Self Service Assembly Software Library with external Capacity Planning Provisioning Builder billing system Policy Manager (SLA Mgmt, DRS, DPM) Monitoring Provisioning Config. Mgmt. Integrate with external CMDB External Oracle Virtualization Plugin e.g., Amazon Cloud Plugin Cloud Management Layer Zone A Zone B Server Pool Server Pool Server Pool Tightly coupled cluster Tightly coupled cluster Loose grouping of individual (HA, Live Migration) (HA, Live Migration) machines (no HA or Live Migration) Storage Array Storage Array Storage Array (optional) Storage Array Storage Array Cloud Infrastructure Layer © 2010 Oracle Corporation 8
  • 8. Enterprise Architecture: Process for Securing the Cloud IT-as-a-Service Optimized IT Core Service Group A Application Grid Data Grid Integration Layer Service Group B Application Grid Data Grid Service Group C Application Grid Data Grid Enterprise Transitional Security Layer Architecture Pt. to Pt. Integrations Inv SFAProduct product ERP SCM productMES- DB LMS MGMT Complexity SFA-Product SFA Stage Product ERP- Stage product Dev DB- Stage B2B B2B- B2B- Stage SFA- ERP- MES- MES- Dev Test Prod Stage Prod 1 Client SFAProduct product ERP SCM productMES- DB LMSInv DB- FBT PAY G NTS Product ERP- product Dev Stage MGMT TRDS Stage Customs NTS A/c Data……. Security Security Security Security Penalty RBA De f RRE Re funds IPS Integrate d A/C 1 Excise Payments CCD Compliance Staff CR EC I ADD AWA ELS Staff Business Phone DDDR TASS PKI CDCC CWMS GC I Bus. Intel IVR WOC Ref aterial m BOA Remote TAX Client BANK Staff Staff AG ENTS Call Centres B EP 1 Align Business & IT 3 Focus on Future State 2 Governance Model 4 Repeatable, Iterative Approach
  • 9. The Oracle-Sun Red Stack V Third Party ISV Oracle Applications I Applications Applications R T Platform as a Service U Cloud Management Shared Services A Oracle Enterprise Manager L Integration: Process Mgmt: Security: User Interaction: I SOA Suite BPM Suite Identity Mgmt WebCenter Configuration Mgmt Z A Connect Application Grid: WebLogic Server, Coherence, Tuxedo, JRockit Policies to Controls Management Lifecycle T Database Grid: Oracle Database, RAC, ASM, Partitioning, I IMDB Cache, Active Data Guard, Database Security Application Performance Management O N Infrastructure as a Service Application Quality Management Oracle Solaris Operating Systems: OracleOracle Enterprise Linux Enterprise Linux Oracle VM for SPARC (LDom) Solaris Containers Connect Oracle VM for x86 Policies to Controls Center Ops Servers Physical and Virtual Systems Management Storage
  • 10. Agenda • Introduction • Security Challenges • Identity and Access Management • Database Security • Conclusion • Q&A © 2010 Oracle – Proprietary and Confidential 11
  • 11. Service-Oriented Security Identity Services for the Cloud Oracle Identity Management Identity Role Management Directory Services Authentication Authorization Federation Administration Web Services Web Services Web Services Oracle Apps 3rd Party/Custom Apps Cloud Service Providers • Enable IDM functionality - FW • Discrete, easily consumable services • Rapid app security, improved IT agility • Security woven - applications © 2010 Oracle – Proprietary and Confidential 12
  • 12. Identity Management Challenges in the Private Cloud Cloud model requires identity infrastructure: • Service-oriented • Standards-based • Loosely coupled Mind The Gap © 2010 Oracle – Proprietary and Confidential 13
  • 13. Identity Management Considerations in the Public Cloud IAM Service Provider Business Service Provider Identity Identity Identity Identity Assurance Admin Assurance Admin Business Service Consumer Identity Identity Federation Assurance • User lifecycle mgmt • Federated authN • Fraud prevention & risk mitigation © 2010 Oracle – Proprietary and Confidential 14
  • 14. User Provisioning Oracle Identity Manager Provisioning Self Registration Audit, Reporting, Attestation Integration Framework with Adapter Factory • Comprehensive lifecycle admin & mgmt • Delegated admin & self-service reduce overhead • Automated compliance reporting © 2010 Oracle – Proprietary and Confidential 15
  • 15. Entitlements Management Oracle Access Management Suite Custom Apps Employees Fine-grained Authorization App App Centralized Administration Partners Portals/SharePoint Distributed Enforcement App Customers Web Services • Externalization of authZ policy mgmt • Distributed policy enforce • FGA © 2010 Oracle – Proprietary and Confidential 16
  • 16. Identity Federation Federated Single Sign-On Oracle Identity Federation On-Premise  SAML 1.x Applications Employees/Partners/  SAML 2.0 Customers  Windows CardSpace  WS-Fed  OpenID Business Affiliates/Subsidiaries Cloud Applications • SSO between on-premise & cloud apps • Standards-based federation enables interop • Rapid deployment © 2010 Oracle – Proprietary and Confidential 17
  • 17. Identity Assurance Risk-Based Access Control Oracle Access Management Suite Secure Mutual Risk-Based Risk Scoring Authentication Authorization Device Employees/Partners/ Customer Geography Cloud Apps Time Activity Fraudster On-Premise Apps • Out-of-band authN • Identity proofing • Real-time fraud prevention © 2010 Oracle – Proprietary and Confidential 18
  • 18. Agenda • Introduction • Security Challenges • Identity and Access Management • Database Security • Conclusion • Q&A © 2010 Oracle – Proprietary and Confidential 19
  • 19. Multi-Tenant Data Management Option 1 Option 2 Option 3 Shared (Virtualized) Hardware Shared Database Shared Schema RISK • Privileged database user • Lost backups containing sensitive data or PII • Application exploits & by-pass • Regulatory infractions © 2010 Oracle – Proprietary and Confidential 20
  • 20. Database Security Defense-In-Depth Encryption & Masking • Advanced Security • Secure Backup • Data Masking Access Control • Database Vault • Label Security Monitoring • Audit Vault Encryption & Masking • Configuration Management • Total Recall Access Control Monitoring User/Role Management User/Role Management • Oracle Identity Management © 2010 Oracle – Proprietary and Confidential 21
  • 21. Oracle Advanced Security Comprehensive Standards-Based Encryption Disk Backups Exports Off-Site Facilities • Data stays encrypted when backed up • Encryption for data in transit • Strong authN of users & servers © 2010 Oracle – Proprietary and Confidential 22
  • 22. Oracle Data Masking Irreversible De-Identification Production Non-Production LAST_NAME SSN SALARY LAST_NAME SSN SALARY AGUILAR 203-33-3234 40,000 ANSKEKSL 111—23-1111 60,000 BENSON 323-22-2943 60,000 BKJHHEIEDK 222-34-1345 40,000 • Remove sensitive data from non-prod DBs • Ref Integ preserved • Sensitive data never leaves the database © 2010 Oracle – Proprietary and Confidential 23
  • 23. Oracle Database Vault Privileged User Access Control & Multi-Factor Authorization Procurement DBA HR Application Finance select * from finance.customers • Privileged DB users perform admin • Address SoD reqmts • Enforce security policies & block unauth DB activities © 2010 Oracle – Proprietary and Confidential 24
  • 24. Oracle Configuration Management Vulnerability Assessment & Secure Configuration Monitor Discover Classify Assess Prioritize Fix Monitor Asset Configuration Policy Vulnerability Analysis & Management Management Management Management Analytics & Audit • DB discovery • Continuous scanning best practices & industry standards • Detect & prevent unauthZ config changes • Change mgmt compliance reports © 2010 Oracle – Proprietary and Confidential 26
  • 25. Agenda • Introduction • Security Challenges • Identity and Access Management • Database Security • Conclusion • Q&A © 2010 Oracle – Proprietary and Confidential 27
  • 26. Regulatory Considerations for Cloud Security ENFORCE MONITOR Enforce Controls CONTROLS CONTROLS Monitor Controls Oracle Security Solutions Streamline Processes AUTOMATE STREAMLINE REPORTING PROCESSES Automate Reporting © 2010 Oracle – Proprietary and Confidential 28
  • 27. 29 © 2010 Oracle Corporation 29