Se cloud presentations
0 likes467 views
This document discusses the SeCloud project, which aims to improve security of cloud-based applications through a proactive, risk-based approach. The project brings together multiple universities and research centers to study security issues from technical, organizational, and legal perspectives. Its goals are to develop new security tools and techniques, create a risk management model, and transfer knowledge to industry partners. The project seeks interactions with industry to validate its research and facilitate adoption of new secure development practices and technologies.
Se cloud presentations
- 1. SeCloud! Security-driven0engineering0of0 Cloud-based0Applica8ons! Prof!dr!Philippe!Thiran,!Sirris!!
- 2. Agenda! ≒ Mo5va5ons!and!objec5ves! ≒ Research!perspec5ves!and!consor5um! ≒ Interac5ons!with!industry! ! 2!
- 3. Agenda! ≒ Mo5va5ons!and!objec5ves! ≒ Research!perspec5ves!and!consor5um! ≒ Interac5ons!with!industry! ! 3!
- 6. Security! ≒ CloudFbased!applica5ons!! !Applica5on!using!Cloud!services!provided!by! !third0par8es0 ≒ New!security!challenges!introduced!by!the!mul8-party0 and!distributed!nature!of!CloudFbased!applica5ons! ! ≒ Some!examples! Service!availability! Data!locality! Data!aggrega5on!/!replica5on!
- 9. Needs! ≒ Prac5cal!and!proac8ve0approach0(security0by0 design)0 ≒ Good!knowledge!of!security0risks0speci鍖c!to! CloudFbased!applica5ons! ≒ Knowledge!must!be!built!upon0di鍖erent0 aspects!of!the!security!problems:!not!only! technical!aspects! 9!
- 11. Main!goals! ≒ Performing!scien5鍖c!research!! Set0of0tools,0technologies0and0techniques00 Proac8ve0security0approach0of!CloudFbased! applica5ons! ≒ Conceiving!a!security0risk0management0model0 Risk!evalua5on,!mi5ga5on!responses!to!cri5cal! risks,!vulnerabili5es!and!threats! ≒ Involving!the!industry!as0validator! 11!
- 12. Agenda! ≒ Mo5va5ons!and!objec5ves! ≒ Research!perspec5ves!and!consor5um! ≒ Interac5ons!with!industry! ! 12!
- 13. Research!perspec5ves! ≒ Proac8ve!introduc5on!of!security!in!CloudFbased! applica5ons!impacts!soNware!companies! Reconsidering!the0architecture0of0their0Cloud-based0 applica8on00 Selec5ng!and!adop5ng!new0security0infrastructure,0 protocols0and0standards!! Reconsidering!the0programming0technology0used!to! secure!cloud!soNware!! Changing!the!organiza8onal0and0development0 process!used!to!create!the!solu5on!! 13!
- 14. Research!perspec5ves! ≒ Approach!with!4!research!perspec5ves! Selec5on!of!research!areas!based!on! ≒ Industrial!relevance! ≒ 皆界庄艶稼5鍖c!界看稼岳姻庄恢顎5看稼!温稼糸!温厩温庄鉛温恢鉛艶!艶恰沿艶姻5壊艶!庄稼!岳鞄艶!遺看稼壊看姻5顎馨!14!
- 16. Agenda! ≒ Mo5va5ons!and!objec5ves! ≒ Research!perspec5ves!and!consor5um! ≒ Interac5ons!with!industry! ! 16!
- 17. Transfer!to!industry! Primary target group Security Risks Profiles Security solutions Security risk identification Secondary target group New technologies & services Application Profiles Research Industry Architecture Programming Infrastructure Process Security Solutions Security Solutions 17!
- 19. Interested?! ≒ Ge`ng!involved! Aaending!brokerage0 events0and!workshops!! Providing!your!business! cases!and!problems! Sharing!your!own! experience/exper5se!in! a!par5cular!domain!! Par5cipa5ng!in!pilot! cases! ! ≒ TakeFaway! Gathering!knowledge! and!inspira5on!! Ge`ng!advice!for!your! own!challenges! Establishing!longFterm! collabora5ons! Introducing!innova5ons! in!your!products/ services! 19!