Home > Cloud Computing, Cloud Security, Presentations, Speaking Engagements > CLOUDINOMICON: Idempotent Infrastructure, Survivable Systems & Bringing Sexy Back to Information Centricity

CLOUDINOMICON: Idempotent Infrastructure, Survivable Systems & Bringing Sexy Back to Information Centricity

I’m hurrying to polish up the next in my series of virtualization and cloud computing security presentations which I’m going to give at this year’s Black Hat conference in Las Vegas on July 29th.  I’m speaking from 10-11am on day two up next to folks like Jeremiah Grossman, Moxie Marlinspike, Ivan Ristic, Haroon Meer…quite the “power hour” as someone said on the Twitter.

At any rate, I started the series a couple of years ago with the following progression:

  1. The Four Horsemen of the Virtualization Security Apocalypse
  2. The Frogs Who Desired a King: A Virtualization & Cloud Computing Fable Set To Interpretative Dance
  3. Cloudifornication: Indiscriminate Information Intercourse Involving Internet Infrastructure

I proudly present numero quatro:

CLOUDINOMICON: Idempotent Infrastructure, Survivable Systems & Bringing Sexy Back to Information Centricity

Mass-market, low-cost, commodity infrastructure-as-a-Service Cloud Computing providers abstract away compute, network and storage and deliver hyper-scaleable capabilities.

This “abstraction distraction” has brought us to the point where the sanctity and security of the applications and information transiting them are dependent upon security models and expertise rooted in survivable distributed systems, at layers where many security professionals have no visibility.

The fundamental re-architecture of the infostructure, metastructure and infrastructure constructs in this new world forces us back to the design elements of building survivable systems focusing on information centricity — protecting the stuff that matters most in the first place.

The problem is that we’re unprepared for what this means and most practitioners and vendors focused on the walled garden, perimeterized models of typical DMZ architecture are at a loss as to how to apply security in a disintermediated and distributed sets of automated, loosely-coupled resources.

We’re going to cover the most salient points relating to how IaaS Cloud architecture shifts how, where and who architects, deploys and manages security in this “new world order” and what your options are in making sustainable security design decisions.

It’s progressing nicely.  Hope to see you there (and at Defcon)

  1. August 16th, 2010 at 13:57 | #1

    Chris-

    Thanks for your schpiels at blackhat, much appreciated. Have you posted this presentation? I would like to get a copy and you mentioned you would be posting it.

    erik

  1. July 7th, 2010 at 14:30 | #1
  2. July 7th, 2010 at 17:37 | #2
  3. July 18th, 2010 at 13:59 | #3
  4. July 25th, 2010 at 20:55 | #4
  5. August 10th, 2010 at 23:26 | #5
  6. August 16th, 2010 at 16:27 | #6
  7. August 22nd, 2010 at 18:19 | #7
  8. August 30th, 2010 at 23:21 | #8
  9. September 24th, 2010 at 11:13 | #9
  10. October 28th, 2011 at 16:50 | #10
  11. December 10th, 2011 at 10:11 | #11