Security in the Cloud
Gunnar Peterson, Arctec Group & Christofer Hoff, Cisco
Tuesday, 8am to 12pm
Who should attend: Security and software architects - anyone who needs to make design decisions for securing cloud technologies.
The time to build security into the system is when the systems are being designed. This means that security teams must get involved early in the system development lifecycle. Cloud architectures are rapidly evolving, and how they will end up looking is uncertain. What is certain is that if security is left to the last minute, it will be too late for anything beyond patch and pray.
Practical Focus: In this class you will learn how to build security services in cloud computing using access control, defensive, and enablement services.
Topics include:
-
Identity services: Key differences in how identity is handled in the cloud
-
Separating authentication, authorization, and attribution concerns
-
How to design for and roll out SAML, Information Cards, and OAuth identity standards
-
SOAP and REST Web services, including WS-Security, XML Signature, and XML encryption
-
Gateway and proxy cloud patterns: on/off ramp patterns to mediate cloud communications
-
Setting up federated identity with SAML and security token servers
-
Enabling a consistent authorization policy with XACML and SecPal
-
Hands-on threat-modeling exercises
