The Creators of the Resource Cloud Concept

Abiquo


Abiquo Authors: RealWire News Distribution, Maureen O'Gara, Tom Leyden, Liz McMillan, Elizabeth White

Related Topics: Cloud Computing, Virtualization Magazine, Cloud Expo on Ulitzer, CIO/CTO Update

CIO/CTO Update: Article

Cloud Expo Preview: Security, Residency, and Malevolence

Three Security Sessions Are Among Many at Cloud Expo

Cloud Expo Opening Keynote

Security will be one of the top-of-mind issues at Cloud Expo when it opens April 19 at the Javits Center in New York.

Here are just three examples:

1. A session to be presented by Intel architect Charlton Barreto addresses the challenge of "building a more secure, trustworthy cloud."

Register Today and Save $550 !
Explore Sponsorship Opportunities !

As he says, "Cloud computing allows companies to perform feats of computation that would otherwise have been impossible, or at least prohibitively expensive. However, cloud computing has generally lacked the security features typically required by small and medium-sized enterprises. Likewise, in using public clouds, IT cedes control over key security parameters to the service provider."

Barreto's session promises to cover "technology advances, such as Trusted Boot Chains to enable or disable access to secure networks, Secure Enclaves to isolate process and data access, and IPsec to establish secure connections with data centers, which all enable cloud-based resources to enjoy a greater level of security, to the point where integrating them with a local network of servers become feasible."

2. A session by Terry Woloszyn, Founder/CTO of PerspecSys, addresses "data privacy, residency, and security in the cloud." The speaker notes, "Cloud solutions, especially Software-as-a-Service (SaaS), have questions regarding data security and governance arise. Depending on your jurisdiction, you may be subject to the recently released EU Data Protection Directive. In the US, you may have to cope with a patchwork of disparate and overlapping regulations, as well as sector-specific requirements such as HIPPA for healthcare, or FISMA and ITAR for public sector-related organizations."

He promises to present "strategies to address data privacy, residency, and security requirements when adopting Cloud solutions. The session will discuss both the technology options available as well as the functional and business value impacts of each strategy. Cloud Expo delegates will come away with a clearer understanding of the decisions surrounding SaaS adoption while remaining compliant with data governance requirements."

3. Another session uses the word "malevolence" (and you have to like that), incorporating the title, :Advanced Digital Forensics: Finding Malevolence in the Cloud Before it Bursts." It will be presented by Terremark Vice President of Advanced Security R&D AAron Walters, who will discuss "the unique technical challenges and advantages associated with performing digital forensics and incident response in virtualization and cloud environments."

Walters promises to present "advanced threats specific to these environments and examine why traditional security/forensic solutions and practices are often inadequate. Attendees will learn from first-hand experience about performing investigations in these environments and how investigators can look into memory (RAM) to find the future."

More Stories By Roger Strukhoff

Roger Strukhoff (@IoT2040) is Executive Director of the Tau Institute for Global ICT Research, with offices in Illinois and Manila. He is Conference Chair of @CloudExpo & @ThingsExpo, and Editor of SYS-CON Media's CloudComputing BigData & IoT Journals. He holds a BA from Knox College & conducted MBA studies at CSU-East Bay.