SlideShare ist ein Scribd-Unternehmen logo

BlockChain Enabled-Cloud Delivered For Network Secuirty

‱
‱
Happiest Minds Technologies
Happiest Minds Technologies

Happiest Minds would like to provide a deep dive into how Blockchain can be used to provide cloud-based network security.

Technologie
1 von 4
THE TIME IS NOW FOR BLOCKCHAIN ENABLED-CLOUD DELIVERED NETWORK SECURITY Networks are the nerve system of successful companies that are able to deliver on the ever-changing demands of a global marketplace. Although there are varied solutions that enable cloud-based orchestration of networks, they walk a tight rope due to the pros and cons they carry. While these solutions leverage concepts such as ‘intent based networking’ to provide immense flexibility and simplicity in managing networks, they also bring with them the challenges of multi-layer security and integrity. Although there are many ways to skin the proverbial cat, few, if any are more effective than embracing the underlying principles of Blockchain. We at Happiest Minds would like to provide a deep dive into how Blockchain can be used to provide cloud-based network security. We also have showcased a list of use-cases that can be used in the context of Software Defined Networking and proposed a solution that would be agnostic to network automation frameworks. EMERGENCE OF CLOUD ORCHESTRATION AND INTENT DRIVEN NETWORK CONFIGURATION AND MANAGEMENT Cloud based management platforms are crucial in managing important elements of the infrastructure that typically includes compute, storage and networking. An evolved version of this is ‘cloud orchestration’ that includes multiple cloud management platforms and other tools to provide a holistic view and manage a complex and interlinked cloud infrastructure. Concurrently, ‘Intent based Networking’ is the next big thing in the constantly busy networking world that was until recently smacking its lips over SDN and SD-WAN. The goal of intent-driven networking is to scale network management and add real intelligence to the infrastructure. A process that is intent driven allows for the management of networks with a single interface and effectively provisions orchestration. Engineers now benefit from a preconfigured network application that interprets intent and translates it to the various languages, protocols and syntax necessary to configure any type of network device. CHALLENGES OF MULTILAYER NETWORK SECURITY SDN and NFV have captured the imagination of several enthusiasts and businesses alike with a plethora of benefits like agility, openness, cost optimization and remote programmability. But they also bring with them pertinent security concerns that need to be addressed to maximize their business upside. Let us explore some of the most important challenges in ensuring security of multi-layered networks. INSIDER THREAT As is often the case, the biggest threat to a security operation being compromised is from the inside. It isn’t uncommon for a disgruntled employee or business associate to engage in nefarious activities like releasing viruses, worms, trojan horses or manipulating network configurations. Although the popular perception with insider threats is that they are caused with malicious intent, a lot of such data breaches and leaks are accidental and the result of a system with poor checks and balances. CONSISTENCY Ensuring consistent configurations across each layer like network automation platform, the SDN controller and the network elements is key in addressing today’s rapidly escalating security threats. Additionally, organizations need to be on top of all the latest upgrades and revisions that have been brought about by vendors of anti-virus systems, firewalls and intrusion detection systems. Falling behind this curve means exposing yourself to providing inconsistent configuration and compromised network security, which businesses of today can ill afford. INTEGRATION We live in a world that is driven by collaboration and integration and the same holds true for ensuring network security as well. While this collaboration and integration allows for unparalleled efficiency of deploying and managing network security in a heterogeneous environment, it also poses a significant risk as the lack of a shared identity roster could allow a partner to tamper with the sanctity of an entire network’s configuration. AVAILABILITY The definition of ‘Availability’ has changed drastically in recent times and the bar has been set higher with each iteration. Although availability in an absolute sense would entail “100% availability”, a more popularly accepted yet difficult target is the “five 9s” or 99.999% availability. There are mechanisms for High Availability which can ensure the “five 9s”, however, a lack of secure, reliable and instantaneous rollback from misconfigurations makes it an arduous task to recover from outages and ensure business continuity.
SILVER BULLETS TO ADDRESS THE CHALLENGES OF MULTI-LAYER NETWORK SECURITY LEVERAGING THE PRINCIPLES OF BLOCKCHAIN SOFTWARE DEFINED SECURITY SDSec offers a new way to design, deploy and manage networking services by decoupling the network function, such as firewalling and intrusion detection, from proprietary hardware appliances, so they can run in software mode. The result is a dynamic and distributed system that virtualizes the network security enforcement function, scales like VMs and is managed as a single, logical system. SOFTWARE DEFINED PERIMETER SDP solution ensures that all endpoints attempting to access a given infrastructure are authenticated and authorized prior to being able to access any resources on the network. All unauthorized network resources are made inaccessible. SEGMENTING Simply put, network segmentation is the act of splitting a network into many “sub networks” known as segments. With network segmentation, organizations can enhance network security by controlling access to sensitive data in the form of enabling or denying network access. The technology world is never short of new ideas that carry with them the smell of disruption and few ideas have captured the imagination of visionaries and pundits alike, as has ‘Blockchain’. Although the underlying technological components, processes and standards are still far away from reaching maturity, it hasn’t stopped a swathe of interested observers from imagining the unending possibilities. Arising from the emergence of ‘Bit Coin’, the idea of Blockchain has taken on a life of its own because of its potential to create an evolutionary ‘shift of trust’ from centralized to decentralized record keeping models in complex, interlinked and distributed business environments. While there are plenty of academic definitions of Blockchain, in its most practical sense it is a highly secure digital ledger that allows for information to be distributed but not copied so that businesses can use it as a single source of truth to track critical activities and create cost and operational efficiencies. For the purposes of this paper, we attempt to use the underlying philosophy of Blockchain to provide cloud-based network security, ensure adequate security at multiple layers while efficiently addressing complex integrity requirements. HOW IT WORKS? Someone requests a transaction The requested transaction is broadcasted to a P2P network consisting of computers, known as nodes The network of nodes validates the transaction and the user’s status using known algorithms A verified transaction can involve cryptocurrency, contracts, records or other information Once verified, the transaction is combined with other transactions to create a new block of data for the ledger The new block is then added to the existing blockchain, in a way that is permanent and unalterable The transaction is complete
ONAP ONAP (Open Network Automation Platform) is an open source software platform that delivers capabilities for the design, creation, orchestration, monitoring, and life cycle management of: Virtual Network Functions (VNFs) Carrier-scale Software Defined Networks (SDNs) that contain them Higher-level services that combine VNFs and SDNs A high level Solution Architecture with ONAP integration IDENTITY AND ACCESS MANAGEMENT Blockchain based identity management systems can ensure that user identification data, after appropriate consensus in a distributed environment is shared amongst the domains. In addition, appropriate provisioning privileges are granted based on the information stored in the latest node of the ledger. Further, the system can be linked to a biometric based authentication system – which would find further acceptance as compared to password based with emerging finger sensing capabilities in mobiles. INSIDER ATTACK PREVENTION & SECURITY EVENTS ONAP has a component DCAE – Data Collection and Analytics Engine that gathers VNF data, network data, logs and events and runs analytics for determining security events while responding to actions like modifying firewall rules or updating IPS signatures. By using Blockchain, tampering of information can be prevented thus ensuring that the analytics engine processes the right logs, in the right order resulting in prevention of any security event. CONFIGURATION MANIPULATION PREVENTION This is an important attack vector and some well-known techniques in this area are: With Blockchain infrastructure, we can get immutable and independent proof of time and order of configuration events like policy change configurations, topology change configurations, introduction of new services and changes in existing services. This property can be used to prevent any tampering of the configuration across the components of the configuration work flow. Insertion of malicious flow entries in network elements. Modification of network policies or configuration at the orchestrator or element layer Design DISTRIBUTION Deploy Metadata Models & Policies Deploy, Operate, Diagnoze & Remediate Testing Scheduler Service Path (SPaaS) IP Address Management Shared appsDesign Time Framework Execution Time Framework BLOCKCHAIN INFRASTRUCTURE IDENTITY MANAGEMENT ACCESS MANAGEMENT CONFIGURATION MANIPULATION PREVENTION CONSTANT MONITORING AND VERIFICATION Applications VNFs PNFs VMs Containers Analytics App Security App Controller Stream Agent Active Collector PORTAL Design Install Use Monitor View / Report Admin SDKs Onboard VFs Deliver Model Deliver Service Aggregate Usage Track Licenses Ingest Capacity Notify Fallout Provide KPIs Configure elements Collect Faults Collect Usage Collect Telemetry Execute tests DESIGN STUDIO Resource Onboarding Service Design Policy Creation/Editing Analytic App Design Certification CATALOG Products Services Policies Analytics Resources Processes Eng. Rules Recipies Control Loops openECOMP API gateway BSS OSS Orchestration Inventory Data Aggregation Data Collection Framework Stream Agent Active Collector Security Framework Security app Security app Optimization Framework Homing Network Placement License Analytics Framework Analytics app Analytics app SDN & App Controller Framework Controller Controller Platform Admin. Platform Analytics Resiliency Data Movement File Transfer / ETL Event Mgmt. COMMON PLATFORM Data Management Logging Access Control Run-time Control Data ReplicationContext Manager History OpenECOMP
Consider the typical work flow of service configuration: STEP 1 STEP 2 STEP 3 STEP 4 Typical flow: As depicted in the diagram above, when a configuration order request is received from the portal, the service creation component generates the service request and appropriate policies are then assigned in the design framework component. Blockchain Flow: When a new service order is received, the design component and policy creation engine stores the order information as well as the appropriate rules / policies into the blockchain Typical flow: The Policies and Rules created in Step 1 are then sent to the Run Time framework of the Controller Function. Blockchain Flow: When the Run-Time environment receives the rules and policies to be applied, it would query the blockchain infrastructure to ensure that the rules and policies stored in the last node of the Blockchain are same. Typical flow: The controller component would register the rules and update the inventory, topology info and push these rules as updates to nodes through south bound adaptors. Blockchain follow: The controller component would register the Blockchain validated rules Typical flow: The configurations are received and the node level is updated with the new configuration request. Blockchain follow: The nodes are updated with the Blockchain validated configurations. Similarly, at each subsequent step of the work flow, such pre-application validation can be performed. CONSTANT MONITORING AND VERIFICATION AN ADDITIONAL SAFE GUARD While due safeguards can be put in place at each stage of the configuration work-flow, there might still be a blind spot, which can provide a window of opportunity for the intruder to manipulate the network. We can use the signage property of the Blockchain to ensure that configuration is consistent and on detection of any failure, an appropriate roll-back is initiated. This can be achieved by deploying a monitoring agent at each element of the work-flow which would trigger an event for validation of the signed configuration data. CONCLUSION ABOUT HAPPIEST MINDS Undoubtedly, there are many solutions that can prevent security breaches. However, none of them are powerful enough to deter an insider from circumventing these solutions and removing their trails. Further any incorrect information of the events, logs and configuration changes can result in unexpected system behavior with disastrous consequences. Using blockchain ensures an immutable & signed record of events and configuration updates thus creating an independent validation system that is tamper proof and immune from external and internal attacks. Happiest Minds enables Digital Transformation for enterprises and technology providers by delivering seamless customer experience, business efficiency and actionable insights through an integrated set of disruptive technologies: NFV & SDN, Big Data analytics, Internet of Things, mobility, cloud, security, unified communications, etc. Happiest Minds offers domain-centric solutions-applying skills, IPs and functional expertise in IT Services, Product Engineering, Infrastructure Management and Security. These services have applicability across industry sectors such as retail, consumer packaged goods, e-commerce, banking, insurance, hi-tech, engineering R&D, manufacturing, automotive and travel/transportation/hospitality. Headquartered in Bangalore, India, Happiest Minds has operations in the US, UK, Singapore, Australia and has secured $52.5 million Series-A funding. Its investors are JPMorgan Private Equity Group, Intel Capital and Ashok Soota. Write to us at: sdnnfv@happiestminds.com www.happiestminds.com

Empfohlen

Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)Happiest Minds Technologies
 
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your OrganizationRaffa Learning Community
 
Sql securitytesting
Sql securitytestingSql securitytesting
Sql securitytestingThilak Pathirage -Senior IT Gov and Risk Consultant
 
Product Assessment and Consulting Offerings
Product Assessment and Consulting OfferingsProduct Assessment and Consulting Offerings
Product Assessment and Consulting OfferingsHappiest Minds Technologies
 
Happiest Minds
Happiest MindsHappiest Minds
Happiest MindsFMA Summits
 
Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...emagia
 
HIGH-IMPACT USE CASES POWERED BY NEXT-GENERATION NETWORK ANALYTICS
HIGH-IMPACT USE CASES POWERED BY NEXT-GENERATION NETWORK ANALYTICSHIGH-IMPACT USE CASES POWERED BY NEXT-GENERATION NETWORK ANALYTICS
HIGH-IMPACT USE CASES POWERED BY NEXT-GENERATION NETWORK ANALYTICSHappiest Minds Technologies
 
Securing Servers in Public and Hybrid Clouds
Securing Servers in Public and Hybrid CloudsSecuring Servers in Public and Hybrid Clouds
Securing Servers in Public and Hybrid CloudsRightScale
 

Empfohlen

Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)Happiest Minds Technologies
 
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your OrganizationRaffa Learning Community
 
Sql securitytesting
Sql securitytestingSql securitytesting
Sql securitytestingThilak Pathirage -Senior IT Gov and Risk Consultant
 
Product Assessment and Consulting Offerings
Product Assessment and Consulting OfferingsProduct Assessment and Consulting Offerings
Product Assessment and Consulting OfferingsHappiest Minds Technologies
 
Happiest Minds
Happiest MindsHappiest Minds
Happiest MindsFMA Summits
 
Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...emagia
 
HIGH-IMPACT USE CASES POWERED BY NEXT-GENERATION NETWORK ANALYTICS
HIGH-IMPACT USE CASES POWERED BY NEXT-GENERATION NETWORK ANALYTICSHIGH-IMPACT USE CASES POWERED BY NEXT-GENERATION NETWORK ANALYTICS
HIGH-IMPACT USE CASES POWERED BY NEXT-GENERATION NETWORK ANALYTICSHappiest Minds Technologies
 
Securing Servers in Public and Hybrid Clouds
Securing Servers in Public and Hybrid CloudsSecuring Servers in Public and Hybrid Clouds
Securing Servers in Public and Hybrid CloudsRightScale
 
Securing Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid CloudSecuring Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid CloudRightScale
 
Mindtree distributed agile journey and guiding principles
Mindtree distributed agile journey and guiding principlesMindtree distributed agile journey and guiding principles
Mindtree distributed agile journey and guiding principlesMindtree Ltd.
 
Best-Practices-Web-Usability
Best-Practices-Web-UsabilityBest-Practices-Web-Usability
Best-Practices-Web-UsabilityLarry Wilson
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESHappiest Minds Technologies
 
The security of SAAS and private cloud
The security of SAAS and private cloudThe security of SAAS and private cloud
The security of SAAS and private cloudAzure Group
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsDr. Sunil Kr. Pandey
 
Intel SaaS Security Playbook
Intel SaaS Security PlaybookIntel SaaS Security Playbook
Intel SaaS Security PlaybookIntel IT Center
 
Authentication and Privacy in Cloud
Authentication and Privacy in CloudAuthentication and Privacy in Cloud
Authentication and Privacy in CloudMphasis
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesKresimir Popovic
 
ELLIPSE INFUSED MANAGED INFRASTRUCTURE SERVICES
ELLIPSE INFUSED MANAGED INFRASTRUCTURE SERVICESELLIPSE INFUSED MANAGED INFRASTRUCTURE SERVICES
ELLIPSE INFUSED MANAGED INFRASTRUCTURE SERVICESHappiest Minds Technologies
 
Implementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudImplementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudAjit Bhingarkar
 
SaaS (Software-as-a-Service) as-a-secure-service
SaaS (Software-as-a-Service) as-a-secure-serviceSaaS (Software-as-a-Service) as-a-secure-service
SaaS (Software-as-a-Service) as-a-secure-serviceTayyaba Farhat
 
Microsoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewMicrosoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewDavid J Rosenthal
 
CSA Introduction 2013 David Ross
CSA Introduction 2013 David RossCSA Introduction 2013 David Ross
CSA Introduction 2013 David RossGraeme Wood
 
Digital Asset Management with ES4
Digital Asset Management with ES4Digital Asset Management with ES4
Digital Asset Management with ES4Activo Consulting
 
4.5.cloud security
4.5.cloud security4.5.cloud security
4.5.cloud securityDrRajapraveenkN
 
Security concerns with SaaS layer of cloud computing
Security concerns with SaaS layer of cloud computingSecurity concerns with SaaS layer of cloud computing
Security concerns with SaaS layer of cloud computingClinton DSouza
 
Global Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud ComputingGlobal Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud ComputingCloudSecurityAllianceAustralia
 
Security as a Service Model for Cloud Environment
Security as a Service Model for Cloud EnvironmentSecurity as a Service Model for Cloud Environment
Security as a Service Model for Cloud EnvironmentKaashivInfoTech Company
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security GovernanceShankar Subramaniyan
 
Building Secure Services in the Cloud
Building Secure Services in the CloudBuilding Secure Services in the Cloud
Building Secure Services in the CloudSumo Logic
 
Providing user security guarantees in public infrastructure clouds
Providing user security guarantees in public infrastructure cloudsProviding user security guarantees in public infrastructure clouds
Providing user security guarantees in public infrastructure cloudsKamal Spring
 

Weitere Àhnliche Inhalte

Was ist angesagt?

Securing Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid CloudSecuring Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid CloudRightScale
 
Mindtree distributed agile journey and guiding principles
Mindtree distributed agile journey and guiding principlesMindtree distributed agile journey and guiding principles
Mindtree distributed agile journey and guiding principlesMindtree Ltd.
 
Best-Practices-Web-Usability
Best-Practices-Web-UsabilityBest-Practices-Web-Usability
Best-Practices-Web-UsabilityLarry Wilson
 
The security of SAAS and private cloud
The security of SAAS and private cloudThe security of SAAS and private cloud
The security of SAAS and private cloudAzure Group
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsDr. Sunil Kr. Pandey
 
Intel SaaS Security Playbook
Intel SaaS Security PlaybookIntel SaaS Security Playbook
Intel SaaS Security PlaybookIntel IT Center
 
Authentication and Privacy in Cloud
Authentication and Privacy in CloudAuthentication and Privacy in Cloud
Authentication and Privacy in CloudMphasis
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesKresimir Popovic
 
ELLIPSE INFUSED MANAGED INFRASTRUCTURE SERVICES
ELLIPSE INFUSED MANAGED INFRASTRUCTURE SERVICESELLIPSE INFUSED MANAGED INFRASTRUCTURE SERVICES
ELLIPSE INFUSED MANAGED INFRASTRUCTURE SERVICESHappiest Minds Technologies
 
Implementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudImplementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudAjit Bhingarkar
 
SaaS (Software-as-a-Service) as-a-secure-service
SaaS (Software-as-a-Service) as-a-secure-serviceSaaS (Software-as-a-Service) as-a-secure-service
SaaS (Software-as-a-Service) as-a-secure-serviceTayyaba Farhat
 
Microsoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewMicrosoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewDavid J Rosenthal
 
CSA Introduction 2013 David Ross
CSA Introduction 2013 David RossCSA Introduction 2013 David Ross
CSA Introduction 2013 David RossGraeme Wood
 
Digital Asset Management with ES4
Digital Asset Management with ES4Digital Asset Management with ES4
Digital Asset Management with ES4Activo Consulting
 
4.5.cloud security
4.5.cloud security4.5.cloud security
4.5.cloud securityDrRajapraveenkN
 
Security concerns with SaaS layer of cloud computing
Security concerns with SaaS layer of cloud computingSecurity concerns with SaaS layer of cloud computing
Security concerns with SaaS layer of cloud computingClinton DSouza
 
Security as a Service Model for Cloud Environment
Security as a Service Model for Cloud EnvironmentSecurity as a Service Model for Cloud Environment
Security as a Service Model for Cloud EnvironmentKaashivInfoTech Company
 

Was ist angesagt? (20)

Securing Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid CloudSecuring Sensitive Data in Your Hybrid Cloud
Securing Sensitive Data in Your Hybrid Cloud
 
Mindtree distributed agile journey and guiding principles
Mindtree distributed agile journey and guiding principlesMindtree distributed agile journey and guiding principles
Mindtree distributed agile journey and guiding principles
 
Best-Practices-Web-Usability
Best-Practices-Web-UsabilityBest-Practices-Web-Usability
Best-Practices-Web-Usability
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKES
 
The security of SAAS and private cloud
The security of SAAS and private cloudThe security of SAAS and private cloud
The security of SAAS and private cloud
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and Applications
 
Intel SaaS Security Playbook
Intel SaaS Security PlaybookIntel SaaS Security Playbook
Intel SaaS Security Playbook
 
Authentication and Privacy in Cloud
Authentication and Privacy in CloudAuthentication and Privacy in Cloud
Authentication and Privacy in Cloud
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
 
ELLIPSE INFUSED MANAGED INFRASTRUCTURE SERVICES
ELLIPSE INFUSED MANAGED INFRASTRUCTURE SERVICESELLIPSE INFUSED MANAGED INFRASTRUCTURE SERVICES
ELLIPSE INFUSED MANAGED INFRASTRUCTURE SERVICES
 
Implementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudImplementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloud
 
SaaS (Software-as-a-Service) as-a-secure-service
SaaS (Software-as-a-Service) as-a-secure-serviceSaaS (Software-as-a-Service) as-a-secure-service
SaaS (Software-as-a-Service) as-a-secure-service
 
Microsoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewMicrosoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security Overview
 
CSA Introduction 2013 David Ross
CSA Introduction 2013 David RossCSA Introduction 2013 David Ross
CSA Introduction 2013 David Ross
 
Digital Asset Management with ES4
Digital Asset Management with ES4Digital Asset Management with ES4
Digital Asset Management with ES4
 
4.5.cloud security
4.5.cloud security4.5.cloud security
4.5.cloud security
 
Security concerns with SaaS layer of cloud computing
Security concerns with SaaS layer of cloud computingSecurity concerns with SaaS layer of cloud computing
Security concerns with SaaS layer of cloud computing
 
Global Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud ComputingGlobal Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud Computing
 
Security as a Service Model for Cloud Environment
Security as a Service Model for Cloud EnvironmentSecurity as a Service Model for Cloud Environment
Security as a Service Model for Cloud Environment
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
 

Ähnlich wie BlockChain Enabled-Cloud Delivered For Network Secuirty

Building Secure Services in the Cloud
Building Secure Services in the CloudBuilding Secure Services in the Cloud
Building Secure Services in the CloudSumo Logic
 
Providing user security guarantees in public infrastructure clouds
Providing user security guarantees in public infrastructure cloudsProviding user security guarantees in public infrastructure clouds
Providing user security guarantees in public infrastructure cloudsKamal Spring
 
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREA SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREIJNSA Journal
 
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREA SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREIJNSA Journal
 
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...IJIR JOURNALS IJIRUSA
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computingPrince Chandu
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?QOS Networks
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingEr. Saba karim
 
Emerging trends and technologies in Cloud Computing.pdf
Emerging trends and technologies in Cloud Computing.pdfEmerging trends and technologies in Cloud Computing.pdf
Emerging trends and technologies in Cloud Computing.pdfSparity1
 
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...IJERA Editor
 
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...IRJET Journal
 
Whitepaper: Security of the Cloud
Whitepaper: Security of the CloudWhitepaper: Security of the Cloud
Whitepaper: Security of the CloudCloudSmartz
 
SECURE DATA TRANSFER BASED ON CLOUD COMPUTING
SECURE DATA TRANSFER BASED ON CLOUD COMPUTINGSECURE DATA TRANSFER BASED ON CLOUD COMPUTING
SECURE DATA TRANSFER BASED ON CLOUD COMPUTINGIRJET Journal
 
Crush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XCrush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XPrime Infoserv
 
AWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceAWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceYury Chemerkin
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...csandit
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...cscpconf
 

Ähnlich wie BlockChain Enabled-Cloud Delivered For Network Secuirty (20)

Building Secure Services in the Cloud
Building Secure Services in the CloudBuilding Secure Services in the Cloud
Building Secure Services in the Cloud
 
Providing user security guarantees in public infrastructure clouds
Providing user security guarantees in public infrastructure cloudsProviding user security guarantees in public infrastructure clouds
Providing user security guarantees in public infrastructure clouds
 
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREA SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
 
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTUREA SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE
 
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computing
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
 
Emerging trends and technologies in Cloud Computing.pdf
Emerging trends and technologies in Cloud Computing.pdfEmerging trends and technologies in Cloud Computing.pdf
Emerging trends and technologies in Cloud Computing.pdf
 
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
 
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...
 
Whitepaper: Security of the Cloud
Whitepaper: Security of the CloudWhitepaper: Security of the Cloud
Whitepaper: Security of the Cloud
 
Security of the Cloud
Security of the CloudSecurity of the Cloud
Security of the Cloud
 
SECURE DATA TRANSFER BASED ON CLOUD COMPUTING
SECURE DATA TRANSFER BASED ON CLOUD COMPUTINGSECURE DATA TRANSFER BASED ON CLOUD COMPUTING
SECURE DATA TRANSFER BASED ON CLOUD COMPUTING
 
Crush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XCrush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield X
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
AWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceAWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the Compliance
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
 
Can You Trust Cloud Security In Public Cloud?
Can You Trust Cloud Security In Public Cloud?Can You Trust Cloud Security In Public Cloud?
Can You Trust Cloud Security In Public Cloud?
 

Mehr von Happiest Minds Technologies

Largest Electricity provider in the US- Case Study
Largest Electricity provider in the US- Case StudyLargest Electricity provider in the US- Case Study
Largest Electricity provider in the US- Case StudyHappiest Minds Technologies
 
ARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
ARTIFICIAL INTELLIGENCE IN DIGITAL BANKINGARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
ARTIFICIAL INTELLIGENCE IN DIGITAL BANKINGHappiest Minds Technologies
 
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & Insurance
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & InsuranceExploring the Potential of ChatGPT in Banking, Financial SERVICES & Insurance
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & InsuranceHappiest Minds Technologies
 
Digital-Content-Monetization-DCM-Platform-2.pdf
Digital-Content-Monetization-DCM-Platform-2.pdfDigital-Content-Monetization-DCM-Platform-2.pdf
Digital-Content-Monetization-DCM-Platform-2.pdfHappiest Minds Technologies
 
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0Happiest Minds Technologies
 
Automating SOC1/2 Compliance- For a leading Software solution company in UK
Automating SOC1/2 Compliance- For a leading Software solution company in UKAutomating SOC1/2 Compliance- For a leading Software solution company in UK
Automating SOC1/2 Compliance- For a leading Software solution company in UKHappiest Minds Technologies
 
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...Happiest Minds Technologies
 
Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Happiest Minds Technologies
 
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITHappiest Minds Technologies
 
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDITHappiest Minds Technologies
 
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITHappiest Minds Technologies
 

Mehr von Happiest Minds Technologies (20)

Largest Electricity provider in the US- Case Study
Largest Electricity provider in the US- Case StudyLargest Electricity provider in the US- Case Study
Largest Electricity provider in the US- Case Study
 
BFSI GLOBAL TRENDS FY 24
BFSI GLOBAL TRENDS FY 24BFSI GLOBAL TRENDS FY 24
BFSI GLOBAL TRENDS FY 24
 
ARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
ARTIFICIAL INTELLIGENCE IN DIGITAL BANKINGARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
ARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
 
DIGITAL MANUFACTURING
DIGITAL MANUFACTURINGDIGITAL MANUFACTURING
DIGITAL MANUFACTURING
 
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & Insurance
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & InsuranceExploring the Potential of ChatGPT in Banking, Financial SERVICES & Insurance
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & Insurance
 
AN OVERVIEW OF THE METAVERSE
AN OVERVIEW OF THE METAVERSEAN OVERVIEW OF THE METAVERSE
AN OVERVIEW OF THE METAVERSE
 
VMware to AWS Cloud Migration
VMware to AWS Cloud MigrationVMware to AWS Cloud Migration
VMware to AWS Cloud Migration
 
Digital-Content-Monetization-DCM-Platform-2.pdf
Digital-Content-Monetization-DCM-Platform-2.pdfDigital-Content-Monetization-DCM-Platform-2.pdf
Digital-Content-Monetization-DCM-Platform-2.pdf
 
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
 
Cloud Reshaping Banking
Cloud Reshaping BankingCloud Reshaping Banking
Cloud Reshaping Banking
 
Automating SOC1/2 Compliance- For a leading Software solution company in UK
Automating SOC1/2 Compliance- For a leading Software solution company in UKAutomating SOC1/2 Compliance- For a leading Software solution company in UK
Automating SOC1/2 Compliance- For a leading Software solution company in UK
 
PAMaaS- Powered by CyberArk
PAMaaS- Powered by CyberArkPAMaaS- Powered by CyberArk
PAMaaS- Powered by CyberArk
 
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
 
Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)
 
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
 
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDIT
 
How to Approach Tool Integrations
How to Approach Tool IntegrationsHow to Approach Tool Integrations
How to Approach Tool Integrations
 
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
 
Contact Centre Growing Digital
Contact Centre Growing DigitalContact Centre Growing Digital
Contact Centre Growing Digital
 
California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)
 

KĂŒrzlich hochgeladen

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Navi Mumbai Call Girls đŸ„° 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls đŸ„° 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls đŸ„° 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls đŸ„° 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vĂĄzquez
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 

KĂŒrzlich hochgeladen (20)

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Navi Mumbai Call Girls đŸ„° 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls đŸ„° 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls đŸ„° 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls đŸ„° 8617370543 Service Offer VIP Hot Model
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 

BlockChain Enabled-Cloud Delivered For Network Secuirty

  • 1. THE TIME IS NOW FOR BLOCKCHAIN ENABLED-CLOUD DELIVERED NETWORK SECURITY Networks are the nerve system of successful companies that are able to deliver on the ever-changing demands of a global marketplace. Although there are varied solutions that enable cloud-based orchestration of networks, they walk a tight rope due to the pros and cons they carry. While these solutions leverage concepts such as ‘intent based networking’ to provide immense flexibility and simplicity in managing networks, they also bring with them the challenges of multi-layer security and integrity. Although there are many ways to skin the proverbial cat, few, if any are more effective than embracing the underlying principles of Blockchain. We at Happiest Minds would like to provide a deep dive into how Blockchain can be used to provide cloud-based network security. We also have showcased a list of use-cases that can be used in the context of Software Defined Networking and proposed a solution that would be agnostic to network automation frameworks. EMERGENCE OF CLOUD ORCHESTRATION AND INTENT DRIVEN NETWORK CONFIGURATION AND MANAGEMENT Cloud based management platforms are crucial in managing important elements of the infrastructure that typically includes compute, storage and networking. An evolved version of this is ‘cloud orchestration’ that includes multiple cloud management platforms and other tools to provide a holistic view and manage a complex and interlinked cloud infrastructure. Concurrently, ‘Intent based Networking’ is the next big thing in the constantly busy networking world that was until recently smacking its lips over SDN and SD-WAN. The goal of intent-driven networking is to scale network management and add real intelligence to the infrastructure. A process that is intent driven allows for the management of networks with a single interface and effectively provisions orchestration. Engineers now benefit from a preconfigured network application that interprets intent and translates it to the various languages, protocols and syntax necessary to configure any type of network device. CHALLENGES OF MULTILAYER NETWORK SECURITY SDN and NFV have captured the imagination of several enthusiasts and businesses alike with a plethora of benefits like agility, openness, cost optimization and remote programmability. But they also bring with them pertinent security concerns that need to be addressed to maximize their business upside. Let us explore some of the most important challenges in ensuring security of multi-layered networks. INSIDER THREAT As is often the case, the biggest threat to a security operation being compromised is from the inside. It isn’t uncommon for a disgruntled employee or business associate to engage in nefarious activities like releasing viruses, worms, trojan horses or manipulating network configurations. Although the popular perception with insider threats is that they are caused with malicious intent, a lot of such data breaches and leaks are accidental and the result of a system with poor checks and balances. CONSISTENCY Ensuring consistent configurations across each layer like network automation platform, the SDN controller and the network elements is key in addressing today’s rapidly escalating security threats. Additionally, organizations need to be on top of all the latest upgrades and revisions that have been brought about by vendors of anti-virus systems, firewalls and intrusion detection systems. Falling behind this curve means exposing yourself to providing inconsistent configuration and compromised network security, which businesses of today can ill afford. INTEGRATION We live in a world that is driven by collaboration and integration and the same holds true for ensuring network security as well. While this collaboration and integration allows for unparalleled efficiency of deploying and managing network security in a heterogeneous environment, it also poses a significant risk as the lack of a shared identity roster could allow a partner to tamper with the sanctity of an entire network’s configuration. AVAILABILITY The definition of ‘Availability’ has changed drastically in recent times and the bar has been set higher with each iteration. Although availability in an absolute sense would entail “100% availability”, a more popularly accepted yet difficult target is the “five 9s” or 99.999% availability. There are mechanisms for High Availability which can ensure the “five 9s”, however, a lack of secure, reliable and instantaneous rollback from misconfigurations makes it an arduous task to recover from outages and ensure business continuity.
  • 2. SILVER BULLETS TO ADDRESS THE CHALLENGES OF MULTI-LAYER NETWORK SECURITY LEVERAGING THE PRINCIPLES OF BLOCKCHAIN SOFTWARE DEFINED SECURITY SDSec offers a new way to design, deploy and manage networking services by decoupling the network function, such as firewalling and intrusion detection, from proprietary hardware appliances, so they can run in software mode. The result is a dynamic and distributed system that virtualizes the network security enforcement function, scales like VMs and is managed as a single, logical system. SOFTWARE DEFINED PERIMETER SDP solution ensures that all endpoints attempting to access a given infrastructure are authenticated and authorized prior to being able to access any resources on the network. All unauthorized network resources are made inaccessible. SEGMENTING Simply put, network segmentation is the act of splitting a network into many “sub networks” known as segments. With network segmentation, organizations can enhance network security by controlling access to sensitive data in the form of enabling or denying network access. The technology world is never short of new ideas that carry with them the smell of disruption and few ideas have captured the imagination of visionaries and pundits alike, as has ‘Blockchain’. Although the underlying technological components, processes and standards are still far away from reaching maturity, it hasn’t stopped a swathe of interested observers from imagining the unending possibilities. Arising from the emergence of ‘Bit Coin’, the idea of Blockchain has taken on a life of its own because of its potential to create an evolutionary ‘shift of trust’ from centralized to decentralized record keeping models in complex, interlinked and distributed business environments. While there are plenty of academic definitions of Blockchain, in its most practical sense it is a highly secure digital ledger that allows for information to be distributed but not copied so that businesses can use it as a single source of truth to track critical activities and create cost and operational efficiencies. For the purposes of this paper, we attempt to use the underlying philosophy of Blockchain to provide cloud-based network security, ensure adequate security at multiple layers while efficiently addressing complex integrity requirements. HOW IT WORKS? Someone requests a transaction The requested transaction is broadcasted to a P2P network consisting of computers, known as nodes The network of nodes validates the transaction and the user’s status using known algorithms A verified transaction can involve cryptocurrency, contracts, records or other information Once verified, the transaction is combined with other transactions to create a new block of data for the ledger The new block is then added to the existing blockchain, in a way that is permanent and unalterable The transaction is complete
  • 3. ONAP ONAP (Open Network Automation Platform) is an open source software platform that delivers capabilities for the design, creation, orchestration, monitoring, and life cycle management of: Virtual Network Functions (VNFs) Carrier-scale Software Defined Networks (SDNs) that contain them Higher-level services that combine VNFs and SDNs A high level Solution Architecture with ONAP integration IDENTITY AND ACCESS MANAGEMENT Blockchain based identity management systems can ensure that user identification data, after appropriate consensus in a distributed environment is shared amongst the domains. In addition, appropriate provisioning privileges are granted based on the information stored in the latest node of the ledger. Further, the system can be linked to a biometric based authentication system – which would find further acceptance as compared to password based with emerging finger sensing capabilities in mobiles. INSIDER ATTACK PREVENTION & SECURITY EVENTS ONAP has a component DCAE – Data Collection and Analytics Engine that gathers VNF data, network data, logs and events and runs analytics for determining security events while responding to actions like modifying firewall rules or updating IPS signatures. By using Blockchain, tampering of information can be prevented thus ensuring that the analytics engine processes the right logs, in the right order resulting in prevention of any security event. CONFIGURATION MANIPULATION PREVENTION This is an important attack vector and some well-known techniques in this area are: With Blockchain infrastructure, we can get immutable and independent proof of time and order of configuration events like policy change configurations, topology change configurations, introduction of new services and changes in existing services. This property can be used to prevent any tampering of the configuration across the components of the configuration work flow. Insertion of malicious flow entries in network elements. Modification of network policies or configuration at the orchestrator or element layer Design DISTRIBUTION Deploy Metadata Models & Policies Deploy, Operate, Diagnoze & Remediate Testing Scheduler Service Path (SPaaS) IP Address Management Shared appsDesign Time Framework Execution Time Framework BLOCKCHAIN INFRASTRUCTURE IDENTITY MANAGEMENT ACCESS MANAGEMENT CONFIGURATION MANIPULATION PREVENTION CONSTANT MONITORING AND VERIFICATION Applications VNFs PNFs VMs Containers Analytics App Security App Controller Stream Agent Active Collector PORTAL Design Install Use Monitor View / Report Admin SDKs Onboard VFs Deliver Model Deliver Service Aggregate Usage Track Licenses Ingest Capacity Notify Fallout Provide KPIs Configure elements Collect Faults Collect Usage Collect Telemetry Execute tests DESIGN STUDIO Resource Onboarding Service Design Policy Creation/Editing Analytic App Design Certification CATALOG Products Services Policies Analytics Resources Processes Eng. Rules Recipies Control Loops openECOMP API gateway BSS OSS Orchestration Inventory Data Aggregation Data Collection Framework Stream Agent Active Collector Security Framework Security app Security app Optimization Framework Homing Network Placement License Analytics Framework Analytics app Analytics app SDN & App Controller Framework Controller Controller Platform Admin. Platform Analytics Resiliency Data Movement File Transfer / ETL Event Mgmt. COMMON PLATFORM Data Management Logging Access Control Run-time Control Data ReplicationContext Manager History OpenECOMP
  • 4. Consider the typical work flow of service configuration: STEP 1 STEP 2 STEP 3 STEP 4 Typical flow: As depicted in the diagram above, when a configuration order request is received from the portal, the service creation component generates the service request and appropriate policies are then assigned in the design framework component. Blockchain Flow: When a new service order is received, the design component and policy creation engine stores the order information as well as the appropriate rules / policies into the blockchain Typical flow: The Policies and Rules created in Step 1 are then sent to the Run Time framework of the Controller Function. Blockchain Flow: When the Run-Time environment receives the rules and policies to be applied, it would query the blockchain infrastructure to ensure that the rules and policies stored in the last node of the Blockchain are same. Typical flow: The controller component would register the rules and update the inventory, topology info and push these rules as updates to nodes through south bound adaptors. Blockchain follow: The controller component would register the Blockchain validated rules Typical flow: The configurations are received and the node level is updated with the new configuration request. Blockchain follow: The nodes are updated with the Blockchain validated configurations. Similarly, at each subsequent step of the work flow, such pre-application validation can be performed. CONSTANT MONITORING AND VERIFICATION AN ADDITIONAL SAFE GUARD While due safeguards can be put in place at each stage of the configuration work-flow, there might still be a blind spot, which can provide a window of opportunity for the intruder to manipulate the network. We can use the signage property of the Blockchain to ensure that configuration is consistent and on detection of any failure, an appropriate roll-back is initiated. This can be achieved by deploying a monitoring agent at each element of the work-flow which would trigger an event for validation of the signed configuration data. CONCLUSION ABOUT HAPPIEST MINDS Undoubtedly, there are many solutions that can prevent security breaches. However, none of them are powerful enough to deter an insider from circumventing these solutions and removing their trails. Further any incorrect information of the events, logs and configuration changes can result in unexpected system behavior with disastrous consequences. Using blockchain ensures an immutable & signed record of events and configuration updates thus creating an independent validation system that is tamper proof and immune from external and internal attacks. Happiest Minds enables Digital Transformation for enterprises and technology providers by delivering seamless customer experience, business efficiency and actionable insights through an integrated set of disruptive technologies: NFV & SDN, Big Data analytics, Internet of Things, mobility, cloud, security, unified communications, etc. Happiest Minds offers domain-centric solutions-applying skills, IPs and functional expertise in IT Services, Product Engineering, Infrastructure Management and Security. These services have applicability across industry sectors such as retail, consumer packaged goods, e-commerce, banking, insurance, hi-tech, engineering R&D, manufacturing, automotive and travel/transportation/hospitality. Headquartered in Bangalore, India, Happiest Minds has operations in the US, UK, Singapore, Australia and has secured $52.5 million Series-A funding. Its investors are JPMorgan Private Equity Group, Intel Capital and Ashok Soota. Write to us at: sdnnfv@happiestminds.com www.happiestminds.com