...white pAper: cloud Securit y Securing the Cloud for the Enterprise A Joint White Paper from Symantec and VMware White Paper: Cloud Security Securing the Cloud for the Enterprise for A Joint White Paper from Symantec and VMware Contents Executive summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.0 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1 1.2 1.3 1.4 Enterprise computing trends . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Transitions in the journey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Evolving threat and compliance landscape . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 A security strategy for the cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2.0 Key elements of cloud security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
Words: 5327 - Pages: 22
...Discussion and Justification Cloud users face security threats both from outside and inside the cloud. Many of the security issues involved in protecting clouds from outside threats are similar to those already facing large data centers. In the cloud, however, this responsibility is divided among potentially many parties, including the cloud user, the cloud vendor, and any third-party vendors that users rely on for security-sensitive software or configurations. The cloud user is responsible for application-level security. The cloud provider is responsible for physical security, and likely for enforcing external firewall policies. Security for intermediate layers of the software stack is shared between the user and the operator; the lower the level of abstraction exposed to the user, the more responsibility goes with it. While cloud computing may make external-facing security easier, it does pose the new problem of internal-facing security. Cloud providers must guard against theft or denial-of-service attacks by users. Users need to be protected from one another. The primary security mechanism in today's clouds is virtualization. It is a powerful defense, and protects against most attempts by users to attack one another or the underlying cloud infrastructure. However, not all resources are virtualized and not all virtualization environments are bug-free. Virtualization software has been known to contain bugs that allow virtualized code to "break loose" to some extent. Incorrect network...
Words: 2433 - Pages: 10
...impressed me were computer graphics by Petro Faloutsos, computer vision and robotics by John Tsotsos and computer security by Hamzeh Roumani. The reason for choosing these three topics is because computer graphics has always been one of my main interests and this lecture gave me a chance to know more about simulation and animation. John Tsotsos talked about his research related to computer vision and robotics because of which I developed an interest in robots and last but not a lecture about computer security in which I learnt new stuff about cryptography. Animating virtual humans is a crucial element of interactive applications according to professor Petro Faloutsos. These applications include medicine, critical situation simulation and interactive applications. He also gave us a little information about his ongoing project on human simulation and modeling. He told us that if we want to simulate a virtual human with high fidelity, we would have to have a layered system which consists of motor control, coordinated level behaviors and expressive facial animations and also mentioned about designing hardware and software accelerators for the physics based simulation. The very talented Professor John told us that his research was based on computer vision and robotics. He discussed how his research is helping in different fields like biomedical, tracking, security, object recognition, visual attention, autonomous wheelchair and motion perception. He mentioned a few things that...
Words: 543 - Pages: 3
...Securing and Protecting Information Jane Doe CGMT/400 March 9, 2015 John Doe Securing and Protecting Information As the most important asset within the organization it is necessary to provide measures that can effectively protect data from loss and unauthorized intrusions. Information security involves authenticating users with a high level of protocol and promoting accountability within the information infrastructure. This approach may involve use of the organization assets, identification, authentication, authorization and the use of third party security systems or devices to protect data from unauthorized access. Security Authentication Process The security authentication process is the first step in information security and assurance. This process involves “binding a specific ID to a specific computer connection” (University of Phoenix, 2011) in order to authenticate access to the information system. During this process the user provides a user ID and password to the computer system or remote server to verify his or her identity. Authentication is accomplished when the system or server matches the user ID to a specific password and grants the user remote access to system resources. Identification The identification process is an access control element designed to match a user to a specific process. The identification process is performed the first time a user ID is issued to a specific user. User IDs have unique values and can...
Words: 1903 - Pages: 8
...Title: ThreeDimensional Password for More Secure Authentication Goal The goal is to design a multi factor authentication scheme that combines the the various authentication scheme into a single 3D virtual environment which results in a larger password space. The design of 3D virtual environment, the selection of object inside the environment, and the object type reflect the resulted password space. User have freedom to select whether the 3D password will be solely recall, recognition, or token based, or combination of two schemes or more. Brief Description of the System The proposed system is a multi factor authentication scheme. It can combine all existing authentication schemes into a single 3D virtual environment. This 3D virtual environment contains several objects or items with which the user can interact. The user is presented with this 3D virtual environment where the user navigates and interacts with various objects. The sequence of actions and interactions toward the objects inside the 3D environment constructs the user’s 3D password. The 3D password can combine most existing authentication schemes such as textual passwords, graphical passwords, and various types of biometrics into a 3D virtual environment. The choice of what authentication schemes will be part of the user's 3D password reflects the user's preferences and requirements. A user who prefers to remember and recall a password might choose textual and graphical password as part ...
Words: 3177 - Pages: 13
...about providing the necessary security measures while sending or receiving the emails on the networks. In order to secure the transfer of email on the network, it should ensure that proper security policies and guidelines are defined on the network. IP Security IP Security defines the number of users or a group of users who are accessing the different information stored on a secured network. The number of users depends on the different version of IP packets used on the network. In olden days, there were few security approaches defined in order to be embedded within the application layers of the OSI (Open System Interconnectivity) communication model. IPsec is very useful for implementing virtual private networks and also used for secured remote user access using dial-up connection to virtual private networks. OSI and VPN is explained in Module 2. One of the key advantages of IPsec is it can handle security arrangements without requiring any changes to the individual hosts on the network. Cisco is the leader for developing various networking products across the world and is mainly responsible for demonstrating IPsec as a standard (or it`s a combination of standards and technologies) and has been defined to support the operation of network routers. IPsec defines two levels of security service on the network: The first service is the Authentication Header (AH), which help in authentication of sender data, and the second service is Encapsulating Security Payload (ESP), which is...
Words: 2324 - Pages: 10
...copies to install in an unlimited number of machines. UNIX offers a highly stable operating system (OS) that is ideal for full multitasking capabilities while protecting memory to prevent interference with other users. The stability provides greater uptime for increased productivity and less downtime for crash recovery and troubleshooting (Montpelier Open Source, n.d.). UNIX has been the baseline for Internet services and growth where machines on network can operate as clients and servers. Linux is a variant of UNIX and has established itself in the desktop, workstation, and increasingly in the server environments. A key benefit for Linux is the scope of freedom of distributions (distros) that provide many applications, freeware, and add-ons (Stanford University, 2004). Linux is extremely portability to a wide range of new and old machines. The majority of Linux variants are available free or at an economical price compared to Microsoft Windows. Linux is a very secure operating system and although it still can be prone to attacks, it inherently is more secure than Windows. Another huge benefit is the reliability of UNIX and Linux versions that can often run for months without the need to reboot. UNIX and Linux Disadvantages The learning curve for Command Line Interface (CLI) with many new users can be a hostile environment. CLI is predominantly designed for programmers (Craig, 2012). The GUI has revolutionized the computer industry for speed, ease of use, and features. Typing...
Words: 1984 - Pages: 8
...10/09/2011 APPLIED RESEARCH PROJECT MISCELLANEOUS: * Computer Ethics * Virtual Reality * Multimedia * Telecommuting * Data Security * International Issues * Computer Based-learning After reviewing several options for my discussion, I decided that exploring a publishing company, Design Space Media Group, LLC would be an excellent and diversified approach to the many miscellaneous aspects present within an organization. Design Space Media Group began publishing 7 years ago as a Chicago based Architectural Publication, and shortly after, expanded to several countries around the world. As the company cultivated its publications into several multimedia developments, Tranzit Magazine, a lifestyles by-product was launched along with several other new ventures. There were certain challenges that came with expanding, and the organization would have to adjust in order to thrive in a rather competitive, yet questionable economy. Computer Ethics According to Kenneth C. Laudon and Jane P. Laudon “Ethics refers to the principles of right and wrong that individuals, acting as free moral agents, use to make choices to guide their behaviors”. Computer ethics is set of moral principles that regulate the use of computers. With these simple moral principles, there are some common problems of computer ethics that includes intellectual property rights such as copyrighted electronic content, privacy concerns, child abuse, fraud and how computers affect...
Words: 2070 - Pages: 9
...virtualization. “Virtualization is the creation of a virtual (rather than actual) version of something, such as an operating system, a server, a storage device or network resources”. The virtualization innovation has assisted companies in a positive way, but also can inflict negative wounds to the organization. Virtualization is a proven software technology that is rapidly transforming the IT landscape and fundamentally changing the way that people compute. The 1960s was when virtualization was first deployed by IBM, itts main purpose was to operate mainframe hardware through separating them into virtual machine. In the 1980s and 1990s virtualization was not needed due to the growing numbers of desktop computing and x86 servers. New issues came to rise such as soaring maintenance and managing cost which lead to the creation of virtualization for x86 platform. Virtualization significantly drops general IT costs. Virtualization permits you to run several operating systems on a single computer. In July 2006 Microsoft made public a free Microsoft Virtual PC 2004 which is a windows hosted virtualization program. The latest version is combined with Windows 7 operating system (http://www.infobarrel.com/History_of_Virtualization). Today’s powerful x86 computer hardware was designed to run a single operating system and a single application. This leaves most machines vastly underutilized. Virtualization lets you run multiple virtual machines on a single physical machine, sharing the resources...
Words: 2624 - Pages: 11
...change how IT administrators and architects think about servers and system utilization, it is also going to affect the processes and tools used to manage what will certainly become an increasingly dynamic environment. Virtualization has actually been around for some time now, but the technology is still evolving. In fact, the word itself still means different things to different people. In broad terms, however, virtualization is about abstracting one layer of the technology stack from the next layer, like storage from servers or the OS from the applications. Abstracting the different layers, in turn, enables consolidation and better manageability. As a concept, virtualization applies to storage, networks, servers, applications, and access. When you look at storage and networks, the goal of virtualization is to aggregate a set of different devices so the total pool of resources looks and acts like a single entity. For example, you can configure a 40TB storage solution instead of a set of 20 2TB storage devices. But with other components, virtualization acts in the opposite direction, helping you to make a single system appear as though there are multiple systems. The most common example of this is server virtualization, where you host multiple OS instances and environments on a single server. In this assignment we are going to respond to certain question which will clarify server virtualization. 1. Explain the difference between the three types of server virtualization using...
Words: 1738 - Pages: 7
...Project: Access Control Proposal * Phase I: Risk mitigation plan to identify critical IT assets * Phase II: Policies and procedures for protecting the IT assets Contents I. Introduction 2 II. Diagram of the proposed solution 3 III. Phase I:Access Control Risk Mitigation 3 1. Identified Treats and vulnerabilities 3 2. IT assets 4 3. Treats and vulnerabilities per IT Domain 4 4. The System Security Team 5 5. Access Control Plan 5 IV. Phase II: Policies and procedures for protecting the IT assets 6 1) General Security Practices for VPN Remote Access 6 2. Protecting Cyber Assets: Secure Interactive Remote Access Concepts 7 2. How Employee Accesses the Corporate Network 9 3. How external Partners (Vendor) Access the Corporate Network 9 V. Conclusion 13 I. Introduction Access control mechanisms operate at a number of levels in a system, from applications down through the operating system to the hardware. Higher-level mechanisms can be more expressive, but also tend to be more vulnerable to attack, for a variety of reasons ranging from intrinsic complexity to implementer skill levels. Most attacks involve the opportunistic exploitation of bugs; and software that is very large, very widely used, or both (as with operating systems) is particularly likely to have security bugs found and publicized. Operating systems are also vulnerable to environmental changes that undermine the assumptions used in their design. The main function of access...
Words: 2458 - Pages: 10
...capstone project is to recommend a Windows networked environment to facilitate the remote monitoring of neuro-surgeries. As a consultant I was approached by XYZ-Monitoring to assist in the design of a network from the ground up that would support the remote monitoring of neuro-surgeries using Cadwell Laboratories’ Cascade system. XYZ-Monitoring (herein referred to as XYZ) wanted a Windows network that would be integrated with their existing Cisco ASA firewall device. XYZ wanted to use a virtualized environment because they had a limited budget for new hardware. They needed a secure solution that would meet HIPAA requirement concerning the security of patient data. XYZ requires all users to connect to their environment through a VPN connection bound to the Cisco ASA firewall. They have three user groups that will need to have access to the environment; however, they have multiple clients that need to remain separated when connected to the network. Given these requirements by XYZ, it was clear they wanted an Active Directory integrated environment so that users would be grouped by job function and by client. XYZ would need at least three high level Organizational Units (OUs), one for each job function; they would also potentially need an OU for each client. They would need Group Policy Objects (GPOs) to provide ease of administration once the design was complete as well as provide access policies to the environment based on job function. Provided with these requirements...
Words: 5873 - Pages: 24
...1. The advertising cycle. (12m) First step of advertising cycle is need assessment to determine the reason that need to advertise. For example, launch a new product or drop sales at the month are the reason that need to have advertising. Next, an initial planning with conceive high level concept need to be created. The initial planning need to explain how to conduct the advertisement that can successful achieve the goal. After that, determine the targets whether they are mass market, group or individuals. Before create an advertising campaign, you should know to whom you are advertising the product. You can identify the targets by the demographics factor such as gender, age, income and others. Then, determine the method that can be achieve to the target. Different advertising technique will be used to achieve different type of target. For example, you can achieve individual targets by email or group targets by social network such as Facebook. Next, launch the campaign toward the targets group by the method that determine before. For example, launch the campaign through in-store display or distribute the coupon. Last, measure and analyse results. Analysing a campaign after its completion is needed to assist a company in understanding the campaign’s success. The new knowledge then used when planning future campaigns. 2a. Definition and concept of e-learning. (4m) Definition: * E-learning is the online delivery of information for purposes of education,...
Words: 4165 - Pages: 17
...Disaster Securing and Protecting Information Sherry Stender CMGT 400 December 10, 2012 Dr. Derek Sedlack Disaster Securing and Protecting Information Authentication, verifying a user’s identity, is an important way to establish trust in business processes. Authentication is the process of verifying a user’s claim of identity and is most commonly implemented through a username and password combination when logging into a business’ system or application. While the password and username combination is the most common, there are various other methods of authentication such as: voice recognition, a token device, or swiping a smart card. Authentication is based on the principle that a proper form of identification is not produced by the user that the system will not correlate an authentication factor with a specific subject. Many factors can contribute to a system’s security, but the authentication is a key element to the success of a secure information system. Authentication is vital for maintaining the integrity, confidentiality, and availability of a business’ IT infrastructure. The application of access controls includes 4 processes: * Identification- obtaining the identity of the user that is seeking access to a physical or logical area * Authentication- confirming the user’s identity that is requesting access to a physical or logical area * Authorization- determining which specific actions can be performed by the authenticated user in a specific logical or...
Words: 1433 - Pages: 6
...strong brand and powerful strategy tools, there is always room for improvements. Four Seasons target markets are mostly luxury travellers, families, high-class events, and business travellers. Their hotels and resorts attract customers with their luxuriousness and reputation. Four Seasons successfully built an internationally recognizable brand to be a hospitality world leader. In the recent years, they developed a policy on “Supporting Sustainability”. They bring the idea of protecting the environment into a new defining core value. The problem is how to bring sustainability and the increased revenue and marketing opportunities that it offers to all areas of their enterprise. This will cut down some of their operational costs, it will also drives the content of their social media marketing, and eventually will drive new business. At the same time, focusing on social media is one of the most advantage steps they can continuously focus on. Four Seasons Hotel Toronto successfully launched a virtual platform to highlight its food and beverage properties and drive consumer traffic as well as increase awareness. I believe if they can combine their Supporting Sustainability and social media advantages, they can definitely strengthen their core values and improve business. My goal for this project is to analyze their current opportunities and strengths, as well as examine the possible strategies and tactics for Four Seasons all over the world, in order to equally reach their...
Words: 293 - Pages: 2