Download - The Cloud Cube
![Page 1: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/1.jpg)
The Benefits of the Cloudsor
Avoiding The Cloud Trap!
Adrius42
Recording some of the Jericho Forum thinking as it is Thunk!
![Page 2: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/2.jpg)
Then decide to which type of Cloud you want to move?
F I R S T C L A S S I F Y Y O U R D A T A !!! Determine what rules MUST apply to it.
Must it only exist in specific trust levels? For example can it leave Europe?
Does it have to stay in Safe Harbours?Must it stay in Europe?
We need a universal data classification model that is simple (cf G8 TLP)We need a recognised trust level standard for all aspects of computing We need standardised meta data that signals to “cloud security” the data’s security needs
![Page 3: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/3.jpg)
Then decide do you want to move to the Clouds
![Page 4: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/4.jpg)
To Cloud or Not to Cloud?
Clouds
Traditional
![Page 5: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/5.jpg)
Then decide what data you want to allow in the Clouds
![Page 6: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/6.jpg)
With what degree of translucency
![Page 7: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/7.jpg)
For all Clouds are not equal...
Fully automatedData Redundancy
Fully automatedDisaster Recovery
Fully automatedData Backup and
Recovery
Massively Scalable
Fully automatedSystem Redundancy
Full on Clouds this way >>>>>
<<<< Same old Traditional Approach
Self owned Disk StorageData Redundancy ...sometimes
Warmish Back up Data CentreFor Disaster RecoverySignificant switching impactAnd testing costs
Tapes sent by TruckData Backup andRecovery variable risk
ManualSystem Recovery
![Page 8: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/8.jpg)
Then decide what level you want to operate in the Clouds
![Page 9: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/9.jpg)
Cloud Layers
Process
Software
Platform
Infrastructure
Outcome / ValueA
b s
t r
a c
t I
o n
o
c c
u r
s
h e
r e
!
1st
2nd
3rd
Last!
Orc
hest
ratio
n
Security and IdA
M
![Page 10: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/10.jpg)
Then decide to which form of Cloud you want to move
![Page 11: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/11.jpg)
Cloud Forms
Internal
External
![Page 12: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/12.jpg)
Cloud Forms
Proprietary Open
![Page 13: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/13.jpg)
Cloud Forms
Proprietary Open
Internal
External
![Page 14: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/14.jpg)
Cloud Forms
Perimeterised
Deperimeterised
To get through here you need a
Collaboration Oriented
Architecture and the Jericho Forum Commandments
![Page 15: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/15.jpg)
Cloud Forms
Perimeterised
Deperimeterised
Proprietary Open
Internal
External
![Page 16: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/16.jpg)
Cloud Forms
Perimeterised
Deperimeterised
Proprietary Open
Internal
External
We need inter cloud “IPI” standards... especially those that enable Collaboration.IPI=“Information Programming Interface” There has to be a better name!!!
![Page 17: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/17.jpg)
Cloud Patterns
Perimeterised
Deperimeterised
Proprietary Open
Internal
External
Recognise some pathways between Clouds will be easier to enable than others!
![Page 18: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/18.jpg)
Cloud Patterns
Perimeterised
Deperimeterised
Proprietary Open
Internal
External
![Page 19: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/19.jpg)
...and ”then” ensure the controls you require are
available in the Clouds... ...Oops!!!
You mean “Cloud Security Central”
doesn’t exist?
![Page 20: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/20.jpg)
Cloud Layers
Process
Software
Platform
Infrastructure
Outcome / ValueA
b s
t r
a c
t I
o n
o
c c
u r
s
h e
r e
!
1st
2nd
3rd
Last!
Orc
hest
ratio
n
Security and IdA
M
Cloud Maturity Scale
![Page 21: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/21.jpg)
We haven’t even identified all the needs yet.
Bread Crumb DetectorBread Crumb Hoover
Cloud Identity Services
and their ProvidersWhat about Trust Levels?
![Page 22: The Cloud Cube](https://reader033.vdocuments.us/reader033/viewer/2022061603/554d2243b4c905ab268b49d9/html5/thumbnails/22.jpg)
Proposed Individual Trust LevelsTrust Intent Impact Trust Level Authentication PhysicalLevel Label Activity World equiv
T0 Stay None Anonymous None - Unidentified
T1 Self Insignificant Self Asserted None PseudonymAssertion*
T2 Proof Minor Document Verified Authenticated: Proof of Abodeof Identity Name, Address, Age Electricity
Bill
T3 T2+ Ability Major Legally/ Financially Authenticate Credit Credit Card to Commit Verified Worthiness and / Pay
Payment Method
1Pay* Ability to Pay Varied Single use Authenticate Credit a single Financially Worthiness and Single Cashtransaction Verified Use Payment Method
T4 T2+ Material Government Government Passport Gov Id Verified
T5 Protect Catastrophic Military Grade Positive Vetting Security Lives Clearance*1Pay: Can be appended to any Trust Level