For those attending the EMEA edition of the Gartner Catalyst Conference (June 17 – 18, 2014 in London), here is what I will be presenting on:
1. How to use IaaS encryption to enable cloud adoption for high risk services
2. Private cloud security, the deja vus, the surprises and the pitfalls
3. With Big Data comes great responsibility, –securing Hadoops
The sessions in detail:
How to use IaaS encryption to enable cloud adoption for high risk services
The promise of IaaS data at rest encryption is to make sure that no one else but your organization can benefit from the organization’s intellectual property. To get as close to this promise as feasible, you need to make a candid trade-off between confidentiality, resilience and trust.
Key issues:
What possibilities to encrypt data on IaaS offerings exist and how do they differ?
Whose eyes can prey on my data?
What confidentiality and compliance goals can be achieved?
This presentation is based on my paper with the same name “How to use IaaS encryption to enable cloud adoption for high risk services” (soon to be published).
Private cloud security, the deja vus, the surprises and the pitfalls
In private clouds, new security requirements stem from the cloud paradigm that makes fork-lifting security from the physical world into the virtual world insufficient. The deployed security measures need to match the new paradigm that involves for example elasticity, portability, self-service and API Keys.
Key issues:
How must we think about private cloud security?
How do we best address segregation and security zoning?
How can we make security ready for elasticity?
With Big Data comes great responsibility, –securing Hadoop
Although Hadoop was initially not created with any notion of (data) security in mind, security features were recently grafted in to re-assure firms and open it up for a bigger market. This session analyzes the security features offered by the Hadoop software packages and third party products in the contexts of the surrounding computing paradigms, applications and data analytic layers.
Key Issues:
How must we think about Hadoop Security?
What are the main components that can be used to secure Hadoop at infrastructure level and at data level?
For better or worse: Is YARN (Hadoop 2.0) a security “game changer”?
This presentation is based on my paper about Hadoop Security, to be published mid 2014.