Cloud Computing
- TYPE: Track DATES: April 18 - April 19, 2012
If you are responsible for defining cloud strategies and/or involved in projects around Cloud Computing, especially with focus on security, track 2 will deliver the answers you are looking for. Learn how to not only move to the cloud but to mitigate cloud (security) risks and build your secure, hybrid environment making real value of Cloud Computing.
After attending this track you will be able to:
- Ensure compliance when moving to cloud computing.
- Take action to mitigate the security risks of cloud computing.
- Apply the standards for cloud security and auditing.
- Extend your Identity & Access Management into the Cloud.
- Avoid making the key mistakes when adopting cloud computing.
This track in total qualifies for up to 14 Group Learning based CPEs depending on the number of sessions you attend.
 |
KuppingerCole is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing education on the National Registry of CPE Sponsors. State Boards of accountancy have final authority on the acceptance of individual courses for CPE credits. Complaints regarding registered sponsors may be submitted to the National Registry through its website: www.learningmarket.org For more information regarding administrative policies such as complaint and refund, please contact Mr. Levent Kara at our office's telephone +49 211 23707710, email: lk@kuppingercole.com |
Moderators:
Tracks:
Cloud Computing Audit
Sessions:
Addressing Cloud Audit, Assurance and Compliance Needs – A Progress Report
Date: Wednesday, April 18, 2012 Time: 10:30-11:30
Location: Alpsee
Addressing Cloud Audit, Assurance and Compliance Needs – A Progress Report
A key enabler of cloud contracting and use -- all the way from comparison shipping and RfPs, through SLAs and monitoring, to auditing and regulatory enforcement -- is the availability of common vocabularies and operations for different service components. Open standards are required to make services comparable, portable and interoperable across vendors and architectures. As more organizations consider the shift toward cloud services, industry is working hard to offer new approaches to meet...
Global Perspectives on Cloud Auditing Challenges and Solutions
Date: Wednesday, April 18, 2012 Time: 11:30-12:30
Location: Alpsee
Global Perspectives on Cloud Auditing Challenges and Solutions
Auditing in the cloud environment, particularly for identity management systems, touches on a range of interconnected, international issues: data governance, competing legal and regulatory environments, standards and interoperability, and a host of specific policy issues that are increasingly problematic, such as data privacy. The October 2011 International Cloud Symposium organized by OASIS in London, identified many of these issues, and in this panel expert speakers examine them from a...
Cloud Identity & Access
Sessions:
The Cornerstones of Information Security in the Cloud
Date: Wednesday, April 18, 2012 Time: 14:00-15:00
Location: Alpsee
The Cornerstones of Information Security in the Cloud
Information Security in the Cloud - that's in fact moving towards a location-independent and provider-independent approach for information security. In the days of on-premise only IT (plus maybe an outsourcer), the focus could be on securing the network and the device. In these days where IT services are a mix of on-premise, private and public cloud services - i.e. in days where things become hybrid - we can't rely on network or system security. We don't really know where our data remains...
Extending your Identity & Access Management into the Cloud
Identity management across multiple SaaS (software-as-a-Service) applications as well as on-premise systems is a challenge to most enterprises. Challenges in Identity Management in the cloud, simply goes beyond how we do authentication, authorization and auditing right. Cross domain authentication, provisioning, interoperability, multi-tenancy, delegation and security are few challenges to name. The best way to preserve interoperability is to adhere to open standards. Lots of proprietary...
Is SCIM a Scam?
Date: Wednesday, April 18, 2012 Time: 15:00-16:00
Location: Alpsee
Is SCIM a Scam?
A short introduction into the concepts of the Simple Cloud Identity Management (SCIM) Standard and why we may need it.
Simple Cloud Identity Management (SCIM)
SCIM (Simple Cloud Identity Management) is one of the most popular standards in IAM these days. I shall replace SPML (Simple Provisioning Markup Language), building on a REST-based API. However the question remains whether it is more about porting the type of API or really a breakthrough for provisioning to the cloud. And the question remains whether it really will become adopted as a mainstream approach. Besides this, any good standard supports all of IT, not only the cloud. So what does...
Why you should not believe in Cloud-only Solutions
Date: Wednesday, April 18, 2012 Time: 17:00-18:00
Location: Alpsee
Why you should not believe in Cloud-only Solutions
Years ago, when the cloud became popular, KuppingerCole published a Cloud Roadmap with a simple target: One IT, not a separation of Cloud IT and On-Premise IT. However, there are still many offerings which are cloud-only, even while it is obvious that the reality for most organizations will remain hybrid. That’s true for many areas of IT, including IAM. There are also offerings for that. But is there really a value in solutions which only support the cloud? When do you need them, if at...
Cloud Identity Services - Models and Challenges
As the software-as-a-service (SaaS) market explodes, more and more organizations struggle to gain control over their user’s identities in the cloud. Some are also exploring outsourcing their identity and access management (IAM) functions to the cloud.
There are three architectural models for implementing cloud identity services:
In the cloud – identity and access management as an on-demand service
To the cloud – IAM from an on-premise platform
Hybrid –...
Cloud Security
Sessions:
Providing and Maintaining a Secure Cloud Infrastructure - from Planning to Administration
Date: Thursday, April 19, 2012 Time: 10:30-11:30
Location: Alpsee
Providing and Maintaining a Secure Cloud Infrastructure - from Planning to Administration
Trust Assumptions and Trustworthiness Assurance
Secure management of cloud components
Identity management requirements for both, critical infrastructure and privacy protection
Integrated Identitity management for administration personnel, maintenance personnel, hardware and autonomous systems, and software components.
Customer Driven Cloud Services – What Cloud Customers need Providers to do to better align
Date: Thursday, April 19, 2012 Time: 11:30-12:30
Location: Alpsee
Customer Driven Cloud Services – What Cloud Customers need Providers to do to better align
The presentation will introduce the Open Data Center Alliance and present the goals of the organization and the work of the Security Work Group.
Specifically, the two previously released Security Workgroup Usage cases, Security Provider Assurance and Security Monitoring, together with four soon to be released usage cases covering Identity Management will be presented.
Finally, there will be an opportunity to put your questions and to influence the future direction of the Security...
Paving the Way for Tomorrow´s Service Provisioning Architecture
Convergence and ubiquity are the key characteristics of tomorrow’s service provision infrastructures. Cloud architectures will constitute cost-efficient backbones that will support the transmission, storage, and computing of the applications contents. These architectures can be used for business, scientific, and pervasive computing purposes. The diversity of the services delivered through cloud infrastructures increases their vulnerability to security incidents and attacks. The cost...
Cloud Security
Sessions:
Eyes Wide Shut? Seven Cloud-Computing Security Sins and how to Control them
Date: Thursday, April 19, 2012 Time: 14:00-15:00
Location: Alpsee
Eyes Wide Shut? Seven Cloud-Computing Security Sins and how to Control them
Cloud computing provides an opportunity for organizations to optimize the procurement of IT services from both internal and external suppliers However - many organizations are sleepwalking into the Cloud. Moving to the cloud may outsource the provision of the IT service, but it does not outsource responsibility. This session will look at the issues that may be forgotten or ignored when adopting the cloud computing.
These include:
Ensuring legal and regulatory compliance
Assuring...
Secure Online Identity with Cloud Identity and Privacy Services
You will learn about a set of new capabilities under development for cloud identity platform. Aimed at governments and enterprises, this work, from Microsoft and the University of Kent, brings together advanced privacy features based on either the UProve or existing technologies, support for Trust Frameworks that simplify agreements between identity partners, support for delegation of authority to delegates whose identities are private, and a dramatically simplified programming environment...
Trusted Identity Information from the Cloud
Date: Thursday, April 19, 2012 Time: 15:00-16:00
Location: Alpsee
Trusted Identity Information from the Cloud
In this Session a proof of concept for a IAM service from the cloud (IAMaaS) will be outlined. The proof of concept takes place in the field of eGovernment. The IAM service delivers trusted information about a user to a service provider. These informations are highly secure stored in the cloud. The service provider will be able to grant access to the user according this information. How can data security be ensured? How do users keep data sovereignty? How do service providers know who to...
Cloud Service Broker - Adopting cloud services in Multi-tenant Enterprise Scenarios
Learn how the Dutch ICT company KPN developed a cloud service broker solution that reforms enterprise cloud integrations. The KPN cloud service broker aggregates services to multiple cloud providers and simplifies consumption of identity federation, authentication and data integration services for the enterprise. As a result, enterprises with high requirements can now efficiently integrate cloud services in complex scenarios.
The Bad Things that can happen if Encryption Management Fails
Date: Thursday, April 19, 2012 Time: 16:30-17:30
Location: Alpsee
The Bad Things that can happen if Encryption Management Fails
The recent surplus of security compromises is evidence of major encryption management failure across the IT landscape. Recent research has highlighted some alarming facts; companies have little idea how many of these security assets they have in their inventories, where they are deployed, who has access to them, or how they are managed. With little understanding of best management practices, enterprises are likely to experience significant security, operational, and audit risks. Drawing on...
Cloud Security Depends on Effective Key Management
Enterprises have amassed regulated and valuable data that flows within and beyond their networks, all of which must be protected. As a result, thousands of encryption keys and certificates have been deployed across their global infrastructures and in the cloud—to secure the data and authenticate systems. How are these critical security assets being managed? Organizations that fail to properly manage these assets subject themselves to security vulnerabilities, non-compliance and...
Addressing Cloud Audit, Assurance and Compliance Needs – A Progress Report
Date: Wednesday, April 18, 2012 Time: 10:30-11:30
Location: Alpsee
Addressing Cloud Audit, Assurance and Compliance Needs – A Progress Report
A key enabler of cloud contracting and use -- all the way from comparison shipping and RfPs, through SLAs and monitoring, to auditing and regulatory enforcement -- is the availability of common vocabularies and operations for different service components. Open standards are required to make services comparable, portable and interoperable across vendors and architectures. As more organizations consider the shift toward cloud services, industry is working hard to offer new approaches to meet...
Global Perspectives on Cloud Auditing Challenges and Solutions
Date: Wednesday, April 18, 2012 Time: 11:30-12:30
Location: Alpsee
Global Perspectives on Cloud Auditing Challenges and Solutions
Auditing in the cloud environment, particularly for identity management systems, touches on a range of interconnected, international issues: data governance, competing legal and regulatory environments, standards and interoperability, and a host of specific policy issues that are increasingly problematic, such as data privacy. The October 2011 International Cloud Symposium organized by OASIS in London, identified many of these issues, and in this panel expert speakers examine them from a...
Sessions:
The Cornerstones of Information Security in the Cloud
Date: Wednesday, April 18, 2012 Time: 14:00-15:00
Location: Alpsee
The Cornerstones of Information Security in the Cloud
Information Security in the Cloud - that's in fact moving towards a location-independent and provider-independent approach for information security. In the days of on-premise only IT (plus maybe an outsourcer), the focus could be on securing the network and the device. In these days where IT services are a mix of on-premise, private and public cloud services - i.e. in days where things become hybrid - we can't rely on network or system security. We don't really know where our data remains...
Extending your Identity & Access Management into the Cloud
Identity management across multiple SaaS (software-as-a-Service) applications as well as on-premise systems is a challenge to most enterprises. Challenges in Identity Management in the cloud, simply goes beyond how we do authentication, authorization and auditing right. Cross domain authentication, provisioning, interoperability, multi-tenancy, delegation and security are few challenges to name. The best way to preserve interoperability is to adhere to open standards. Lots of proprietary...
Is SCIM a Scam?
Date: Wednesday, April 18, 2012 Time: 15:00-16:00
Location: Alpsee
Is SCIM a Scam?
A short introduction into the concepts of the Simple Cloud Identity Management (SCIM) Standard and why we may need it.
Simple Cloud Identity Management (SCIM)
SCIM (Simple Cloud Identity Management) is one of the most popular standards in IAM these days. I shall replace SPML (Simple Provisioning Markup Language), building on a REST-based API. However the question remains whether it is more about porting the type of API or really a breakthrough for provisioning to the cloud. And the question remains whether it really will become adopted as a mainstream approach. Besides this, any good standard supports all of IT, not only the cloud. So what does...
Why you should not believe in Cloud-only Solutions
Date: Wednesday, April 18, 2012 Time: 17:00-18:00
Location: Alpsee
Why you should not believe in Cloud-only Solutions
Years ago, when the cloud became popular, KuppingerCole published a Cloud Roadmap with a simple target: One IT, not a separation of Cloud IT and On-Premise IT. However, there are still many offerings which are cloud-only, even while it is obvious that the reality for most organizations will remain hybrid. That’s true for many areas of IT, including IAM. There are also offerings for that. But is there really a value in solutions which only support the cloud? When do you need them, if at...
Cloud Identity Services - Models and Challenges
As the software-as-a-service (SaaS) market explodes, more and more organizations struggle to gain control over their user’s identities in the cloud. Some are also exploring outsourcing their identity and access management (IAM) functions to the cloud.
There are three architectural models for implementing cloud identity services:
In the cloud – identity and access management as an on-demand service
To the cloud – IAM from an on-premise platform
Hybrid –...
Cloud Security
Sessions:
Providing and Maintaining a Secure Cloud Infrastructure - from Planning to Administration
Date: Thursday, April 19, 2012 Time: 10:30-11:30
Location: Alpsee
Providing and Maintaining a Secure Cloud Infrastructure - from Planning to Administration
Trust Assumptions and Trustworthiness Assurance
Secure management of cloud components
Identity management requirements for both, critical infrastructure and privacy protection
Integrated Identitity management for administration personnel, maintenance personnel, hardware and autonomous systems, and software components.
Customer Driven Cloud Services – What Cloud Customers need Providers to do to better align
Date: Thursday, April 19, 2012 Time: 11:30-12:30
Location: Alpsee
Customer Driven Cloud Services – What Cloud Customers need Providers to do to better align
The presentation will introduce the Open Data Center Alliance and present the goals of the organization and the work of the Security Work Group.
Specifically, the two previously released Security Workgroup Usage cases, Security Provider Assurance and Security Monitoring, together with four soon to be released usage cases covering Identity Management will be presented.
Finally, there will be an opportunity to put your questions and to influence the future direction of the Security...
Paving the Way for Tomorrow´s Service Provisioning Architecture
Convergence and ubiquity are the key characteristics of tomorrow’s service provision infrastructures. Cloud architectures will constitute cost-efficient backbones that will support the transmission, storage, and computing of the applications contents. These architectures can be used for business, scientific, and pervasive computing purposes. The diversity of the services delivered through cloud infrastructures increases their vulnerability to security incidents and attacks. The cost...
Cloud Security
Sessions:
Eyes Wide Shut? Seven Cloud-Computing Security Sins and how to Control them
Date: Thursday, April 19, 2012 Time: 14:00-15:00
Location: Alpsee
Eyes Wide Shut? Seven Cloud-Computing Security Sins and how to Control them
Cloud computing provides an opportunity for organizations to optimize the procurement of IT services from both internal and external suppliers However - many organizations are sleepwalking into the Cloud. Moving to the cloud may outsource the provision of the IT service, but it does not outsource responsibility. This session will look at the issues that may be forgotten or ignored when adopting the cloud computing.
These include:
Ensuring legal and regulatory compliance
Assuring...
Secure Online Identity with Cloud Identity and Privacy Services
You will learn about a set of new capabilities under development for cloud identity platform. Aimed at governments and enterprises, this work, from Microsoft and the University of Kent, brings together advanced privacy features based on either the UProve or existing technologies, support for Trust Frameworks that simplify agreements between identity partners, support for delegation of authority to delegates whose identities are private, and a dramatically simplified programming environment...
Trusted Identity Information from the Cloud
Date: Thursday, April 19, 2012 Time: 15:00-16:00
Location: Alpsee
Trusted Identity Information from the Cloud
In this Session a proof of concept for a IAM service from the cloud (IAMaaS) will be outlined. The proof of concept takes place in the field of eGovernment. The IAM service delivers trusted information about a user to a service provider. These informations are highly secure stored in the cloud. The service provider will be able to grant access to the user according this information. How can data security be ensured? How do users keep data sovereignty? How do service providers know who to...
Cloud Service Broker - Adopting cloud services in Multi-tenant Enterprise Scenarios
Learn how the Dutch ICT company KPN developed a cloud service broker solution that reforms enterprise cloud integrations. The KPN cloud service broker aggregates services to multiple cloud providers and simplifies consumption of identity federation, authentication and data integration services for the enterprise. As a result, enterprises with high requirements can now efficiently integrate cloud services in complex scenarios.
The Bad Things that can happen if Encryption Management Fails
Date: Thursday, April 19, 2012 Time: 16:30-17:30
Location: Alpsee
The Bad Things that can happen if Encryption Management Fails
The recent surplus of security compromises is evidence of major encryption management failure across the IT landscape. Recent research has highlighted some alarming facts; companies have little idea how many of these security assets they have in their inventories, where they are deployed, who has access to them, or how they are managed. With little understanding of best management practices, enterprises are likely to experience significant security, operational, and audit risks. Drawing on...
Cloud Security Depends on Effective Key Management
Enterprises have amassed regulated and valuable data that flows within and beyond their networks, all of which must be protected. As a result, thousands of encryption keys and certificates have been deployed across their global infrastructures and in the cloud—to secure the data and authenticate systems. How are these critical security assets being managed? Organizations that fail to properly manage these assets subject themselves to security vulnerabilities, non-compliance and...
Providing and Maintaining a Secure Cloud Infrastructure - from Planning to Administration
Date: Thursday, April 19, 2012 Time: 10:30-11:30
Location: Alpsee
Providing and Maintaining a Secure Cloud Infrastructure - from Planning to Administration
Trust Assumptions and Trustworthiness Assurance
Secure management of cloud components
Identity management requirements for both, critical infrastructure and privacy protection
Integrated Identitity management for administration personnel, maintenance personnel, hardware and autonomous systems, and software components.
Customer Driven Cloud Services – What Cloud Customers need Providers to do to better align
Date: Thursday, April 19, 2012 Time: 11:30-12:30
Location: Alpsee
Customer Driven Cloud Services – What Cloud Customers need Providers to do to better align
The presentation will introduce the Open Data Center Alliance and present the goals of the organization and the work of the Security Work Group.
Specifically, the two previously released Security Workgroup Usage cases, Security Provider Assurance and Security Monitoring, together with four soon to be released usage cases covering Identity Management will be presented.
Finally, there will be an opportunity to put your questions and to influence the future direction of the Security...
Paving the Way for Tomorrow´s Service Provisioning Architecture
Convergence and ubiquity are the key characteristics of tomorrow’s service provision infrastructures. Cloud architectures will constitute cost-efficient backbones that will support the transmission, storage, and computing of the applications contents. These architectures can be used for business, scientific, and pervasive computing purposes. The diversity of the services delivered through cloud infrastructures increases their vulnerability to security incidents and attacks. The cost...
Sessions:
Eyes Wide Shut? Seven Cloud-Computing Security Sins and how to Control them
Date: Thursday, April 19, 2012 Time: 14:00-15:00
Location: Alpsee
Eyes Wide Shut? Seven Cloud-Computing Security Sins and how to Control them
Cloud computing provides an opportunity for organizations to optimize the procurement of IT services from both internal and external suppliers However - many organizations are sleepwalking into the Cloud. Moving to the cloud may outsource the provision of the IT service, but it does not outsource responsibility. This session will look at the issues that may be forgotten or ignored when adopting the cloud computing.
These include:
Ensuring legal and regulatory compliance
Assuring...
Secure Online Identity with Cloud Identity and Privacy Services
You will learn about a set of new capabilities under development for cloud identity platform. Aimed at governments and enterprises, this work, from Microsoft and the University of Kent, brings together advanced privacy features based on either the UProve or existing technologies, support for Trust Frameworks that simplify agreements between identity partners, support for delegation of authority to delegates whose identities are private, and a dramatically simplified programming environment...
Trusted Identity Information from the Cloud
Date: Thursday, April 19, 2012 Time: 15:00-16:00
Location: Alpsee
Trusted Identity Information from the Cloud
In this Session a proof of concept for a IAM service from the cloud (IAMaaS) will be outlined. The proof of concept takes place in the field of eGovernment. The IAM service delivers trusted information about a user to a service provider. These informations are highly secure stored in the cloud. The service provider will be able to grant access to the user according this information. How can data security be ensured? How do users keep data sovereignty? How do service providers know who to...
Cloud Service Broker - Adopting cloud services in Multi-tenant Enterprise Scenarios
Learn how the Dutch ICT company KPN developed a cloud service broker solution that reforms enterprise cloud integrations. The KPN cloud service broker aggregates services to multiple cloud providers and simplifies consumption of identity federation, authentication and data integration services for the enterprise. As a result, enterprises with high requirements can now efficiently integrate cloud services in complex scenarios.
The Bad Things that can happen if Encryption Management Fails
Date: Thursday, April 19, 2012 Time: 16:30-17:30
Location: Alpsee
The Bad Things that can happen if Encryption Management Fails
The recent surplus of security compromises is evidence of major encryption management failure across the IT landscape. Recent research has highlighted some alarming facts; companies have little idea how many of these security assets they have in their inventories, where they are deployed, who has access to them, or how they are managed. With little understanding of best management practices, enterprises are likely to experience significant security, operational, and audit risks. Drawing on...
Cloud Security Depends on Effective Key Management
Enterprises have amassed regulated and valuable data that flows within and beyond their networks, all of which must be protected. As a result, thousands of encryption keys and certificates have been deployed across their global infrastructures and in the cloud—to secure the data and authenticate systems. How are these critical security assets being managed? Organizations that fail to properly manage these assets subject themselves to security vulnerabilities, non-compliance and...
Stay Connected
European Identity & Cloud Conference 2012
- Language:
- English
- Registration fee:
-
€1980.00
$2475.00
S$3168.00
21780.00 kr
INVOICE
- Contact person:
-
Mr. Levent Kara
+49 211 23707710
lk@kuppingercole.com
- Apr 17 - 20, 2012 Munich, Germany
Partners
The European Identity & Cloud Conference 2012 is proud to present a large number of partners
Learn more
How can we help you