Security in the Cloud

balanceonionringsInternet and Web Development

Nov 3, 2013 (3 years and 11 months ago)

93 views


© Copyright by ACTL Systems ltd.
Page 1




Security in the Cloud
1 Day Seminar by Dr. David Movshovitz

1. Introduction

Cloud computing is Internet-based computing model, whereby shared resources, software
and information are provided to computers and other devices on-demand. Details are
abstracted from the users who no longer have need of expertise in, or control over the
technology infrastructure "in the cloud" that supports them. Cloud computing describes a
new supplement, consumption and delivery model for IT services based on the Internet, and
it typically involves the provision of dynamically scalable and often virtualized resources as a
service over the Internet. Notwithstanding the latest buzzword (cloud, utility computing, IaaS,
PaaS, SaaS, etc.), cloud-like infrastructures are rapidly evolving and are here to stay. How
exactly they will look like tomorrow is still for the markets to decide, yet one thing is certain:
clouds bring with them new untested deployment and associated adversarial models and
vulnerabilities.
2. Seminar Description

In this one day seminar we will discuss the new cloud computing technologies and their
benefits as well as the new attack vectors associated with them. In addition, we will discuss
the governance and compliance issues that are raised due to the use of cloud computing
technologies and the security mechanisms to be used in order secure services and
applications in the cloud.
3. Goals

The objectives of this seminar are to get an understanding in:
o The main cloud computing technologies and the benefits from using them
o The new threats arising for cloud computing
o How to build secure services in cloud computing using access control, defensive,
and enablement services.

4. Participants

People who need to make design decisions for securing cloud technologies including:
o Security Architects
o SW Architects

5. Pre-requisites

No pre-requisite knowledge is required.

© Copyright by ACTL Systems ltd.
Page 2


Seminar Agenda

1. Overview of cloud technologies
• Basic cloud characteristics
• Deployment models: Private Cloud,
Public Clouds, Hybrid Cloud
• Service models: SaaS, PaaS, IaaS
• Benefits of using cloud technologies
• Cloud Computing Architectural
Framework
2. Cloud computing Threat Vector
3. Governing in the Cloud
• Governance and Enterprise Risk
Management
• Compliance and Audit
• Information Lifecycle Management

4. Security in the Cloud • Traditional Security, Business
Continuity, and Disaster Recovery
• Incident Response, Notification, and
Remediation
• Application Security
• Encryption and Key Management
• Identity and Access Management
o Identity services: Key differences
in how identity is handled in the
cloud


The seminar syllabus can be adapted to your needs!
Call us for a meeting to discuss your specific needs.